Thousands of websites vulnerable as hackers exploit critical cPanel bug now
Security

Thousands of websites vulnerable as hackers exploit critical cPanel bug now

Over 550,000 servers running cPanel are at risk after hackers compromised around 2,000 sites, with ransomware threats already impacting victims. What’s next?

Editorial
Editorial Staff
1 hour ago 1 min read
NeboAI I summarize the news with data, figures and context
IN 30 SECONDS

35 sec read time You saved ~1 min
IN 1 SENTENCE

SENTIMENT
Neutral

𒀭
NeboAI is working, please wait...
Preparing detailed analysis
Quick summary completed
Extracting data, figures and quotes...
Identifying key players and context
DETAILED ANALYSIS
SHARE
Was this helpful?

NeboAI produces automated editions of journalistic texts in the form of summaries and analyses. Its experimental results are based on artificial intelligence. As an AI edition, texts may occasionally contain errors, omissions, incorrect data relationships and other unforeseen inaccuracies. We recommend verifying the content.

© NeboAI 2025 About Nebo

Over 550,000 servers running cPanel are considered at risk due to a recently disclosed vulnerability, with nearly 2,000 instances reportedly compromised as of Monday. This represents a significant decrease from approximately 44,000 affected servers just a few days prior, according to data from the nonprofit Shadowserver.

The exploitation of the flaw, known as CVE-2026-41940, was first reported by security researchers on Thursday. Hackers have been using this bug to gain complete control over affected servers, leading to a series of compromises that include ransomware attacks. Some victims have publicly displayed ransom notes, and Google has indexed numerous sites that were overtaken by attackers.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has included the vulnerability in its Known Exploited Vulnerabilities catalog, urging government agencies to implement patches by Sunday. Despite these warnings, it remains unclear whether all agencies have successfully secured their systems. KnownHost CEO Daniel Pearson indicated that attacks may have been occurring since February 23, prior to the vulnerability being made public.

Tags: cpanel webhost manager cybersecurity ransomware attack shadowserver united states
Want to read the full article? Access the original article with all the details.
Read Original Article
TL;DR

This article is an original summary for informational purposes. Image credits and full coverage at the original source. · View Content Policy

Editorial
Editorial Staff

Our editorial team works around the clock to bring you the latest tech news, trends, and insights from the industry. We cover everything from artificial intelligence breakthroughs to startup funding rounds, gadget launches, and cybersecurity threats. Our mission is to keep you informed with accurate, timely, and relevant technology coverage.

7511 articles →

Related Articles

Gen Z Faces Growing Threat from Online Job Scams, New Study Reveals Alarming Trends

Major Universities at Risk as Hackers Threaten Data Breach with Vendor Attack

NHS Faces Growing Criticism Over Decision to Conceal Source Code Amid AI Threats

Instructure's Data Breach Exposes Sensitive Information of Thousands of Students

Thousands of Websites at Risk as DigiCert Revokes Certificates Following Cyber Attack

Former negotiator's leaked emails reveal potential threats to national security.

Instructure Faces Backlash as Data Breach Exposes Student Information to Hackers

RCS Encryption in iOS 26.5 Enhances User Security Against Cyber Threats

UAE Faces Surge in Cyber Threats as Iran-Linked Hackers Launch 700,000 Daily Attacks
Press Enter to search or ESC to close