Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability

Executive summary: A critical authentication-bypass vulnerability (CVE-2026-41940, CVSS 9.8) in cPanel/WHM/WP Squared was patched on April 28 but was rapidly weaponized—proof-of-concept exploits and patch diffs enabled attackers to scan and mass-exploit exposed management interfaces (port 2087), resulting in thousands of likely compromised instances within 24 hours and observed deployment of Mirai botnet variants and a ".sorry"-extending ransomware; vendors and researchers warn the flaw is wormable and urge immediate patching, credential rotation, session purging, and network-based mitigations.