The Hacker News

Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately

Panel patches authentication flaw across supported versions, prompting Namecheap port blocks and temporary access limits.
SecurityWeek

Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months

A critical-severity authentication bypass vulnerability in cPanel & WHM has been exploited as a zero-day since February 2026.
The Hacker News

cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now

Panel patched three vulnerabilities, including two 8.8 CVSS flaws, reducing risks of code execution and privilege escalation.

Hackers are actively exploiting a bug in cPanel, used by millions of websites

Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug ...
Bleeping Computer

cPanel 2FA bypassed in minutes via brute-force attacks

A security flaw in the cPanel web hosting control panel allows attackers to circumvent two-factor authentication (2FA) checks via brute-force attacks for domains managed using vulnerable cPanel & ...