Another Week, Another Nightmare
2026 won’t quit, and is poised to ruin yet another weekend by forcing sysadmins to patch their systems. As we mentioned in the podcast the cPanel and WHM bugs are bad enough that some hosting companies have blocked ports 2083 and 2087 until patches are installed and verified on their customers sites. We are not sure when these exploits were first discovered and leveraged but attacks have been uncovered dating all the way back to February of this year. This news is not going to make anyone who owns one of the roughly 1.5 million cPanel instances that are exposed online.
If you aren’t 110% sure you’ve patched all the things, Bleeping Computer has a link to the Detection Artifact Generator script created by watchTowr that can be used to verify if your cPanel and WHM instances are vulnerable to CVE-2026-41940 or if you are safe … for the moment.
