:

CPANEL BUG UNDER ACTIVE EXPLOIT BY HACKERS

SECURITY DESK2 MIN READ
THU, APR 30, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

Web hosting providers are rushing to patch a critical vulnerability in cPanel, the control panel software used by millions of websites. Hackers have been actively exploiting the flaw for months.

cPanel, which manages hosting accounts and server administration for a significant portion of the web, is the target of an ongoing attack campaign. Web hosts and system administrators worldwide have begun emergency patching efforts as the scope of the exploitation becomes clear. The vulnerability allows attackers to gain unauthorized access to hosting accounts and potentially compromise websites and data stored on affected servers. Security researchers indicate the bug has been leveraged by threat actors for an extended period, meaning the actual number of compromised systems could be substantial. One hosting company confirmed hackers have been abusing the vulnerability for months before the issue gained wider attention. The extended window of exploitation raises concerns about the full extent of the breach and what attackers may have accessed or modified during that time. Web hosts are prioritizing patches and updates to their systems. The distributed nature of cPanel deployments across thousands of hosting providers means the patch rollout will take time, leaving some infrastructure exposed during the transition period. Administrators managing cPanel installations have been advised to apply security updates immediately and review access logs for signs of unauthorized activity. Organizations using shared hosting should contact their providers to confirm patch status. This incident highlights the risks posed by vulnerabilities in widely-used infrastructure software. A single bug in popular hosting control panels can affect millions of websites simultaneously, making rapid patch deployment critical to prevent large-scale compromises. Details about the specific vulnerability and recommended remediation steps are being distributed through official cPanel channels and security advisories.

■ SOURCES

TechCrunch

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.

4H AGOIndustry Desk

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.

4H AGOSecurity Desk

Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.

7H AGOAI Desk

A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.

10H AGOIndustry Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.