Critical cPanel Vulnerability CVE-2026-41940 Targeting Government Bodies and MSPs

Colleagues, please note: active exploitation of cPanel vulnerability CVE-2026-41940 has been observed.
- According to Ctrl‑Alt‑Intel, attacks target government/military domains in the Philippines and Laos, and MSP/hosting providers; operators leveraged public PoCs from IP 95.111.250[.]175.
- An Indonesian portal was attacked using authenticated SQLi and RCE, CAPTCHA bypass via cookie reading, and hard‑coded credentials.
- Persistence was achieved with AdapdixC2, OpenVPN and Ligolo; large-scale automation observed (Mirai, ransomware).
Why this matters: the flaw enables authentication bypass and persistent access — update cPanel and monitor indicators.
How will you strengthen your defenses?
#cybersecurity #vulnerabilities #cPanel #infosec


Latest comments
No comments yet.