> TritonInfoSec News
Home / May 12, 2026 / Story
0
#6 The Hacker News general May 11, 2026 at 17:54 UTC

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

By [email protected] (The Hacker News)

AI Summary

A threat actor identified as Mr_Rot13 is actively exploiting CVE-2026-41940, a critical authentication bypass in cPanel and WebHost Manager (WHM), to deploy a backdoor named 'Filemanager' on compromised hosting environments. The vulnerability allows remote attackers to gain elevated control without authentication. Hosting providers and managed service providers running cPanel/WHM infrastructure should treat this as an urgent remediation priority.

Read full article → https://thehackernews.com/2026/05/cpanel-cve-2026-…

Relevance score: 84.0/100

# More from May 12

  1. 1
    Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation The Hacker News
  2. 2
    Google: Hackers used AI to develop zero-day exploit for web admin tool BleepingComputer
  3. 3
    Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak The Hacker News
  4. 4
    New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks SecurityWeek
  5. 5
    Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads The Hacker News
  6. 7
    TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack The Hacker News
  7. 8
    TrickMo Android banker adopts TON blockchain for covert comms BleepingComputer
  8. 9
    UK water company allowed hackers to lurk undetected for nearly two years, regulator finds The Record
  9. 10
    Hackers abuse Google ads, Claude.ai chats to push Mac malware BleepingComputer