{"id":50697,"date":"2026-05-01T07:56:49","date_gmt":"2026-05-01T07:56:49","guid":{"rendered":"http:\/\/localhost\/?p=50697"},"modified":"2026-05-01T07:56:49","modified_gmt":"2026-05-01T07:56:49","slug":"actively-exploited-cpanel-bug-exposes-millions-of-websites-to-takeover","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=50697","title":{"rendered":"Actively exploited cPanel bug exposes millions of websites to takeover_MALWAREBYTES:0FB9B1E3947A1930916FB1F560BA88AB"},"content":{"rendered":"<p>{&#8220;lastseen&#8221;:&#8221;2026-05-01T12:07:21&#8243;,&#8221;description&#8221;:&#8221;Security researchers are warning about a newly discovered vulnerability in the widely used web server management software cPanel and WebHost Manager (WHM). \\n\\nThis is a critical, actively exploited authentication-bypass bug in cPanel\/WHM that lets attackers gain administrative access to the interface without credentials, potentially take over servers and all hosted sites.\\n\\nThe vulnerability, tracked as CVE-2026-41940, has been added to the Known Exploited Vulnerabilities catalog by the Cybersecurity and Infrastructure Security Agency (CISA), meaning there is evidence it is being used in real-world attacks.\\n\\nBecause cPanel\/WHM is used by over a million sites worldwide, including banks and health organizations, the potential impact is huge. In simple terms, the bug can act like a front\u2011door key to a big chunk of the web\u2019s hosting infrastructure.\\n\\ncPanel released patches on April 28, 2026, and urged all customers and hosts to update. 
It said all supported versions after 11.40 are affected, including DNSOnly and WP Squared.\\n\\nHosting providers including Namecheap, HostGator, and KnownHost temporarily blocked access to cPanel interfaces while patching, treating this as a critical authentication bypass and reporting exploit attempts going back to late February 2026.\\n\\n## How to stay safe\\n\\nWhile it\u2019s up to the hosting companies and website owners to patch as quickly as possible, there are ways to reduce your risk if a site you use is compromised.\\n\\nAs always, limit the data you share with websites to what\u2019s absolutely necessary. Data they don\u2019t have can\u2019t be stolen.\\n\\nWhen ordering from an online retailer, don&#8217;t tick the box to save your card details for future purchases as they will be stored on the server.\\n\\nIf there&#8217;s an option to check out as a guest, use it. It reduces the amount of personal data tied to an account.\\n\\nDon\u2019t reuse passwords. When one site is compromised, having the same credentials in several places turns it into a multi\u2011account takeover problem. A password manager can help you create complex unique passphrases, and remember them for you.\\n\\nWhere possible, pay by credit card. In many regions, this gives you stronger fraud protection.\\n\\n## When a site you trust gets hacked\\n\\nIf you think you&#8217;ve been affected by a data breach, take the following steps:\\n\\n  * **Check the company\u2019s advice.** Every breach is different, so check with the company to find out what\u2019s happened and follow any specific advice it offers.\\n  * **Change your password.** You can make a stolen password useless to thieves by changing it. 
Choose a strong password that you don\u2019t use for anything else. Better yet, let a password manager choose one for you.\\n  * **Enable two-factor authentication (2FA).** If you can, use a FIDO2-compliant hardware key, laptop, or phone as your second factor. Some forms of 2FA can be phished just as easily as a password, but 2FA that relies on a FIDO2 device can\u2019t be phished.\\n  * **Watch out for impersonators.** The thieves may contact you posing as the breached platform. Check the official website to see if it\u2019s contacting victims and verify the identity of anyone who contacts you using a different communication channel.\\n  * **Take your time.** Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.\\n  * **Consider not storing your card details**. It\u2019s definitely more convenient to let sites remember your card details, but it increases risk if a retailer suffers a breach.\\n  * **Set up identity monitoring**, which alerts you if your personal information is found being traded illegally online and helps you recover after.&#8221;,&#8221;published&#8221;:&#8221;2026-05-01T10:48:19&#8243;,&#8221;modified&#8221;:&#8221;2026-05-01T10:48:19&#8243;,&#8221;type&#8221;:&#8221;malwarebytes&#8221;,&#8221;title&#8221;:&#8221;Actively exploited cPanel bug exposes millions of websites to 
takeover&#8221;,&#8221;source&#8221;:&#8221;&#8221;,&#8221;references&#8221;:&#8221;&#8221;,&#8221;id&#8221;:&#8221;MALWAREBYTES:0FB9B1E3947A1930916FB1F560BA88AB&#8221;,&#8221;bulletinFamily&#8221;:&#8221;blog&#8221;,&#8221;cwe&#8221;:null,&#8221;cvelist&#8221;:[&#8220;CVE-2026-41940&#8243;],&#8221;sourceData&#8221;:&#8221;&#8221;,&#8221;sourceHref&#8221;:&#8221;&#8221;,&#8221;cvss&#8221;:{&#8220;score&#8221;:9.8,&#8221;severity&#8221;:&#8221;CRITICAL&#8221;,&#8221;vector&#8221;:&#8221;CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H&#8221;,&#8221;version&#8221;:&#8221;3.1&#8243;},&#8221;cvss2&#8243;:{},&#8221;cvss3&#8243;:{&#8220;version&#8221;:&#8221;&#8221;,&#8221;vectorString&#8221;:&#8221;&#8221;,&#8221;baseScore&#8221;:0,&#8221;baseSeverity&#8221;:&#8221;&#8221;,&#8221;attackVector&#8221;:&#8221;&#8221;,&#8221;attackComplexity&#8221;:&#8221;&#8221;,&#8221;privilegesRequired&#8221;:&#8221;&#8221;,&#8221;userInteraction&#8221;:&#8221;&#8221;,&#8221;scope&#8221;:&#8221;&#8221;,&#8221;confidentialityImpact&#8221;:&#8221;&#8221;,&#8221;integrityImpact&#8221;:&#8221;&#8221;,&#8221;availabilityImpact&#8221;:&#8221;&#8221;,&#8221;cvssV3&#8243;:{&#8220;version&#8221;:&#8221;&#8221;,&#8221;vectorString&#8221;:&#8221;&#8221;,&#8221;baseScore&#8221;:0,&#8221;baseSeverity&#8221;:&#8221;&#8221;,&#8221;attackVector&#8221;:&#8221;&#8221;,&#8221;attackComplexity&#8221;:&#8221;&#8221;,&#8221;privilegesRequired&#8221;:&#8221;&#8221;,&#8221;userInteraction&#8221;:&#8221;&#8221;,&#8221;scope&#8221;:&#8221;&#8221;,&#8221;confidentialityImpact&#8221;:&#8221;&#8221;,&#8221;integrityImpact&#8221;:&#8221;&#8221;,&#8221;availabilityImpact&#8221;:&#8221;&#8221;}},&#8221;href&#8221;:&#8221;https:\/\/www.malwarebytes.com\/blog\/news\/2026\/05\/actively-exploited-cpanel-bug-exposes-millions-of-websites-to-takeover&#8221;,&#8221;category_name&#8221;:&#8221;News&#8221;,&#8221;post_link&#8221;:&#8221;&#8221;,&#8221;product&#8221;:&#8221;&#8221;,&#8221;version&#8221;:&#8221;&#8221;,&#8221;v
endor&#8221;:&#8221;&#8221;,&#8221;ai_description&#8221;:&#8221;&#8221;,&#8221;ai_severity&#8221;:&#8221;&#8221;,&#8221;ai_vendor&#8221;:&#8221;&#8221;,&#8221;ai_product&#8221;:&#8221;&#8221;,&#8221;ai_version&#8221;:&#8221;&#8221;,&#8221;ai_score&#8221;:0}<\/p>\n","protected":false},"excerpt":{"rendered":"<p>{&#8220;lastseen&#8221;:&#8221;2026-05-01T12:07:21&#8243;,&#8221;description&#8221;:&#8221;Security researchers are warning about a newly discovered vulnerability in the widely used web server management software cPanel and WebHost Manager (WHM). \\n\\nThis is a&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[9,6,8,35,12,115,13,7,11,5],"class_list":["post-50697","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-critical","tag-cve","tag-cvss","tag-cvss-98","tag-exploit","tag-malwarebytes","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Actively exploited cPanel bug exposes millions of websites to takeover_MALWAREBYTES:0FB9B1E3947A1930916FB1F560BA88AB - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=50697\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Actively exploited cPanel bug exposes millions of websites to takeover_MALWAREBYTES:0FB9B1E3947A1930916FB1F560BA88AB - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{&#8220;lastseen&#8221;:&#8221;2026-05-01T12:07:21&#8243;,&#8221;description&#8221;:&#8221;Security researchers are warning about a newly 
discovered vulnerability in the widely used web server management software cPanel and WebHost Manager (WHM). nnThis is a...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=50697\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2026-05-01T07:56:49+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=50697#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=50697\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"Actively exploited cPanel bug exposes millions of websites to takeover_MALWAREBYTES:0FB9B1E3947A1930916FB1F560BA88AB\",\"datePublished\":\"2026-05-01T07:56:49+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=50697\"},\"wordCount\":829,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CRITICAL\",\"CVE\",\"CVSS\",\"CVSS-9.8\",\"exploit\",\"malwarebytes\",\"news\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_news\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=50697#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=50697\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=50697\",\"name\":\"Actively exploited 
cPanel bug exposes millions of websites to takeover_MALWAREBYTES:0FB9B1E3947A1930916FB1F560BA88AB - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2026-05-01T07:56:49+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=50697#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=50697\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=50697#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Actively exploited cPanel bug exposes millions of websites to takeover_MALWAREBYTES:0FB9B1E3947A1930916FB1F560BA88AB\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero 
redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Actively exploited cPanel bug exposes millions of websites to takeover_MALWAREBYTES:0FB9B1E3947A1930916FB1F560BA88AB - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=50697","og_locale":"en_US","og_type":"article","og_title":"Actively exploited cPanel bug exposes millions of websites to takeover_MALWAREBYTES:0FB9B1E3947A1930916FB1F560BA88AB - zero redgem","og_description":"{&#8220;lastseen&#8221;:&#8221;2026-05-01T12:07:21&#8243;,&#8221;description&#8221;:&#8221;Security researchers are warning about a newly discovered vulnerability in the widely used web server management software cPanel and WebHost Manager (WHM). nnThis is a...","og_url":"https:\/\/zero.redgem.net\/?p=50697","og_site_name":"zero redgem","article_published_time":"2026-05-01T07:56:49+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. 
reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=50697#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=50697"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"Actively exploited cPanel bug exposes millions of websites to takeover_MALWAREBYTES:0FB9B1E3947A1930916FB1F560BA88AB","datePublished":"2026-05-01T07:56:49+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=50697"},"wordCount":829,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CRITICAL","CVE","CVSS","CVSS-9.8","exploit","malwarebytes","news","Security","tapic","Vulnerability"],"articleSection":["category_news"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=50697#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=50697","url":"https:\/\/zero.redgem.net\/?p=50697","name":"Actively exploited cPanel bug exposes millions of websites to takeover_MALWAREBYTES:0FB9B1E3947A1930916FB1F560BA88AB - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2026-05-01T07:56:49+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=50697#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=50697"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=50697#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"Actively exploited cPanel bug exposes millions of websites to takeover_MALWAREBYTES:0FB9B1E3947A1930916FB1F560BA88AB"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero 
redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/50697","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=50697"}],"version-history":[{"count":0,"href":"htt
ps:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/50697\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=50697"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=50697"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=50697"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}