webpros News Articles
Recent news articles refferecing the vendors vulnerabilities.
The Hacker NewsCVE-2026-41940Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks
cPanel CVE-2026-41940 exploited within 24 hours, enabling 44,000 IP attacks and data breaches across global networks.
1 hour ago
It Security NewsCVE-2026-41940U.S. CISA adds a flaw in WebPros cPanel to its Known Exploited Vulnerabilities catalog - IT Security News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in WebPros cPanel to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Defender, tracked as CVE-2026-41940 (CVSS score of 9.3), to…Read mo...
21 hours ago
Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks
A new disclosed cPanel flaw tracked as CVE-2026-41940 is being mass-exploited to breach websites and encrypt data in
2 days ago
Hackers Are Actively Exploiting a Bug In cPanel, Used By Millions of Websites - Slashdot
Hackers are actively exploiting a critical cPanel and WHM vulnerability, tracked as CVE-2026-41940, that allows remote attackers to bypass the login screen and gain full administrative access to affected web servers. Major hosts including Namecheap, HostGator, and KnownHost have taken mitigation ste...
2 days ago
It Security NewsCVE-2026-41940cPanelSniper PoC Exploit Disclosed as 44,000 Servers Reportedly Compromised - IT Security News
A critical zero-day vulnerability in cPanel and WebHost Manager (WHM) is under massive active exploitation following the public release of a sophisticated proof-of-concept exploit. Tracked as CVE-2026-41940, this flaw has already compromised tens of thousands of servers worldwide. The vulnerability,...
2 days ago
It Security NewsCVE-2026-41940cPanelSniper – PoC Exploit Disclosed for cPanel Vulnerability, 44,000 Servers Compromised - IT Security News
A weaponized proof-of-concept (PoC) exploit framework dubbed “cPanelSniper” has been publicly released for CVE-2026-41940, a maximum-severity authentication bypass in cPanel & WHM that has already led to the compromise of tens of thousands of servers worldwide with attack activity traced…Read more →
2 days ago
WebpronewsCVE-2026-41940cPanel's Hidden Flaw: How Hackers Slipped Past Logins for Months, Jeopardizing Millions of Sites
Hackers exploited a critical cPanel authentication bypass (CVE-2026-41940) for months before patches dropped on April 28, 2026. Affecting all supported versions, the flaw grants root access to 1.5 million exposed servers, risking mass site takeovers.
2 days ago
HackreadCVE-2026-41940Critical cPanel Vulnerability Lets Attackers Bypass Login, Gain Root Access
A critical cPanel vulnerability lets attackers bypass login and gain root access, with active exploitation reported before patches were released.
3 days ago
HackadayThis Week In Security: State Malware, State Hardware Bans, And Stuxnet Before Stuxnet Was Cool
Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local privi…
3 days ago
TechweezCVE-2026-41940Critical cPanel Bug Lets Anyone Take Over Your Website Without a Password
A vulnerability in cPanel and WHM allows attackers to bypass login and take over websites, but a patch for CVE-2026-41940 is now available.
3 days ago
It Security NewsCVE-2026-41940Imperva Customers Protected Against CVE-2026-41940 in cPanel & WHM - IT Security News
What is CVE-2026-41940? CVE-2026-41940 is a critical authentication bypass vulnerability affecting cPanel & WHM, including DNSOnly, in versions after 11.40. The flaw, discovered by WatchTowr Labs, exists in the login flow and allows unauthenticated remote attackers to gain unauthorized access…Read m...
4 days ago
Help Net SecurityCVE-2026-41940cPanel zero-day exploited for months before patch release (CVE-2026-41940) - Help Net Security
A critical vulnerability (CVE-2026-41940) in the cPanel control panel for managing web hosting accounts, is being exploited by attackers.
4 days ago
Critical cPanel and WHM bug exploited as a zero-day, PoC now available
The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in the wild and has been leveraged in attempts since late February.
4 days ago
Cyber Risk LeadersCVE-2026-41940Rapid7 warns cPanel and WHM authentication bypass is being exploited
Rapid7 has published an emergent threat response on a vulnerability affecting cPanel & WHM and WP Squared, warning it has been observed being exploited in the wild.
4 days ago
Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months
A critical-severity authentication bypass vulnerability in cPanel & WHM has been exploited as a zero-day since February 2026.
5 days ago