A serious security flaw has been found in cPanel software, and it is now being actively used by attackers. This issue is very dangerous because it allows hackers to access and take control of websites without needing a proper login or password.
Hackers Exploit cPanel Vulnerability to Control Thousands of Websites
The problem was discovered recently, but it quickly became a big concern in the tech community. In a short time, attackers started targeting systems using this weakness. As a result, thousands of websites are now at risk, and many may already be affected. Experts say this situation shows how important it is to fix security issues as quickly as possible.
On April 28, cPanel released a security update to fix a serious problem in its software. This issue affected cPanel, WebHost Manager (WHM), and WP Squared products, which are widely used to manage websites. The very next day, the flaw was officially named CVE-2026-41940 and given a high risk score of 9.8, showing how critical it is. Around the same time, security researchers shared a test method (called a proof-of-concept), which made it easier for attackers to understand and use the flaw.
Experts say this issue is very dangerous because it can let attackers take full control of servers and websites. This means they can access data, change files, or even shut down websites if the problem is not fixed quickly.
Rapid Attacks Spread Within Hours of Disclosure
Soon after the flaw became public, attackers quickly started using it to target systems. Within just 24 hours, many websites and servers were already under attack, showing how fast such threats can spread. Reports suggested that around 15,000 systems may have been affected in a very short time. Some attackers used botnet malware like Mirai to take control of systems, while others used ransomware that locked files and added a “.sorry” extension to them. This incident is also being discussed under the broader topic of Microsoft Teams cyberattack.
In one case, a user shared that their server was attacked within minutes. The attacker did not need any password to get access, and even security steps like two-factor authentication could not stop the attack. This shows how serious and powerful the flaw is.
Security experts say these attacks are increasing every day, and the number of attempts is growing quickly. Some companies have reported seeing hundreds of attack attempts on their systems in a short period of time. Researchers believe that some attackers may have already known about this flaw before it was officially announced. Because of this, they were ready to launch attacks as soon as the news became public. Experts also explain that the update released by cPanel may have helped attackers understand the weakness more clearly. By studying the fix, they were able to create tools and methods to use the flaw more easily. This situation is also being discussed under the topic of Indian cyberattack Pakistan.
There are several reasons why this issue spread so fast. First, cPanel is widely used and powers millions of websites around the world. Second, the vulnerability affects all supported versions, which means many systems are exposed. Third, tools for scanning and attacking systems are now faster and cheaper, allowing attackers to target many websites in a short time. Experts say security teams often have only 24 to 48 hours to fix such issues before attackers start exploiting them.
Read more: Pakistan Boosts Cybersecurity for Banking Sector Amid Rising Threats
Security experts are advising companies to act quickly. They should update their cPanel software to the latest version immediately. They also suggest changing passwords, including admin and server access details, to stay safe. If updates are not possible right away, experts recommend blocking certain ports like 2083, 2087, 2095, and 2096 to reduce risk. Additionally, companies should check their systems for unusual activity and remove any suspicious access. The cPanel vulnerability is a serious issue that shows how fast cyber threats can spread. Thousands of websites are already affected, and more could be at risk if action is not taken. This situation highlights the importance of quick updates and strong security practices. Businesses must stay alert and respond quickly to protect their systems and data. News source eTimes Pakistan.
