Over 40,000 Servers Compromised in Ongoing cPanel Exploitation Campaign

Over 40,000 servers have been compromised in an ongoing exploitation campaign targeting cPanel, a widely used web hosting control panel. The attacks are likely exploiting CVE-2026-41940, a recently patched zero-day vulnerability that allows attackers to gain administrative access. No specific timeline, threat actors, or geographic distribution of affected servers was provided. The flaw was addressed in a recent patch, but the scale of the compromise indicates widespread unpatched deployments. The impact involves unauthorized administrative control over compromised servers.