Vendor
WebPros
cPanel & WHM and WP2 (WordPress Squared)
Tracked CVEs
Linked incidents
Coverage timeline
-
Security Affairs Round 97 Covers JDownloader Hacked, TrickMo Risesecurityaffairs.com · May 17, 2026
-
Attackers exploit cPanel CVE-2026-41940 to deploy Filemanager Backdoorsecurityaffairs.com · May 12, 2026
-
Mr_Rot13 Exploits Critical cPanel Flaw, Deploys Filemanagerthehackernews.com · May 11, 2026
-
New cPanel vulnerabilities could allow file access and remote code executionsecurityaffairs.com · May 10, 2026
-
cPanel fixes bugs enabling code execution or privilege escalationthehackernews.com · May 9, 2026
-
DomainTools Investigations | Cybersecurity Reading List - Week of 2026-05-04dti.domaintools.com · May 7, 2026
-
cPanel auth bypass exploited in Asian gov, MSP attackssecurityaffairs.com · May 4, 2026
-
Attackers Exploit cPanel Flaw, Endangering Millions of Websiteswww.darkreading.com · May 4, 2026
-
Hacker News Weekly: Exploits Outpace Patches, Systems at Risk.thehackernews.com · May 4, 2026
-
Critical cPanel Vulnerability Weaponized to Target Government and MSP Networksthehackernews.com · May 4, 2026
-
Attackers hit over 40k cPanel servers via CVE-2026-41940 flawwww.securityweek.com · May 4, 2026
-
CISA adds critical cPanel auth bypass flaw to KEV cataloguesecurityaffairs.com · May 3, 2026
-
Critical cPanel WHM bypass lets attackers hijack admin accesswww.malwarebytes.com · May 1, 2026
-
“to recover your files, kindly send 0.1 BTC to…” ransom note appears on websitesdatabreaches.net · Apr 30, 2026
-
CISA flags critical cPanel WHM auth flaw allowing remote takeoverwww.cisa.gov · Apr 30, 2026
-
CISA Flags Critical cPanel & WHM Bug CVE‑2026‑41940 Under Attackcisa.gov · Apr 30, 2026
-
Critical cPanel Auth Bypass (CVE-2026-41940) Exposes 1.5M Serverswww.securityweek.com · Apr 30, 2026
-
Critical cPanel Flaw Lets Hackers Hijack Admin Access Remotelywww.rapid7.com · Apr 29, 2026