Critical cPanel RCE (CVE-2026-41940) Weaponized in 24 Hours: What Government, Military, and Hosting Teams Must Do Now
A critical cPanel vulnerability tracked as CVE-2026-41940 was turned into an active weapon within a day of disclosure. Attackers used an army of roughly 44,000 compromised IPs to scan and brute-force honeypots, before activity tapered to about 3,540 by May 3. The primary targeting appeared to focus on Southeast Asian government and military entities, as…