Security researchers at XLab have outlined an active attack campaign targeting CVE-2026-41940, the recently disclosed vulnerability in cPanel & WHM, and have linked it to a stealthy hacking group that has been operating largely undetected for years. The vulnerability allows an attacker to log into a cPanel server without a username or password, effectively handing them administrator control over the cPanel host system, its configurations and databases, and the websites it manages. The attack campaign … More →
The post Stealthy hackers exploit cPanel flaw in active backdoor campaign (CVE-2026-41940) appeared first on Help Net Security.