Hackers are actively exploiting a bug in cPanel, used by millions of websites

Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug for months.
Hosted on MSN

CPanel zero-day exploited since February gives hackers admin access to 1.5 million web hosting panels

A critical flaw in cPanel, the web hosting control panel software that underpins a massive share of the internet’s shared hosting infrastructure, has been actively exploited since at least February ...
Bleeping Computer

Compromised Site Management Panels are a Hot Item in Cybercrime Markets

Threat actors are openly advertising access to hacked websites as part of the underground economy. One of the most promising products is a compromised cPanel credential. They are sold in the thousands ...
Morning Overview on MSN

More than 40,000 cPanel servers are being hijacked in an ongoing attack that hands hackers entire web-hosting fleets

Attackers are actively exploiting a vulnerability in cPanel, the web-hosting control panel used by millions of websites worldwide, to seize administrative access to servers and gain control over ...
The Hacker News

CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation

CISA added CVE-2026-54420 to KEV, requiring federal agencies to patch LiteSpeed cPanel root escalation by June 18, 2026.