Hackers are actively exploiting a bug in cPanel, used by millions of websites

Security researchers disclosed a critical authentication-bypass vulnerability (CVE-2026-41940) in cPanel and WHM that can allow attackers to remotely bypass the login screen and gain full administrative control of affected servers. Given the wide use of cPanel/WHM across shared hosting providers, the flaw poses large-scale risk; major hosts (Namecheap, HostGator, KnownHost) reported blocking or patching access and observed exploitation attempts, and national cybersecurity guidance warned exploitation is highly probable.