InMotion Hosting Keeps Customer Sites Online Through Industry-Wide cPanel Security Response

InMotion Hosting announced the successful fleet-wide resolution of CVE-2026-41940, a critical pre-authentication ...
Hosted on MSN

Hackers are actively exploiting a bug in cPanel, used by millions of websites

Security researchers are sounding the alarm on a newly discovered vulnerability in the widely used web server management software cPanel and WebHost Manager (WHM). The bug allows hackers to hijack and ...
Bleeping Computer

Critical cPanel and WHM bug exploited as a zero-day, PoC now available

The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in the wild and has been leveraged in attempts since late February. It is ...
The Hacker News

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

CVE-2026-48172 lets cPanel users run scripts as root, affecting LiteSpeed plugin 2.3–2.4.4 and exposing servers.
Bleeping Computer

cPanel, WHM emergency update fixes critical auth bypass bug

A critical vulnerability affecting all but the latest versions of cPanel and the WebHost Manager (WHM) dashboard could be exploited to obtain access to the control panel without authentication. The ...

Security Patch: Security vulnerabilities in cPanel and WHM closed again

Attackers can attack cPanel and WebHost Manager with malicious code, among other things. Security patches are available.