Hackers are actively exploiting a bug in cPanel and WHM techcrunch.com 39 points by dotmanish 1 day ago
sikozu 1 day ago There must be so many (small) shared hosting companies that don't update their software, those poor customers.
dspillett 1 day ago With this (CVE-2026-41940) and copy.fail (CVE-2026-3143), it must be an exciting time in the shared hosting business right now… Glad I've been out of it for a long time.
aitchnyu 1 day ago Which are the safest control panels^ ? Been thinking about Hostineer which developed and dogfooded ApisCP over 20 years.[^] a product made for commercial operators stuffing thousands of PHP sites into a server, so no Coolify, Google Cloud Run.
ChrisArchitect 1 day ago A full breakdown of the vulnerability: https://labs.watchtowr.com/the-internet-is-falling-down-fall... sikozu 1 day ago Thanks for sharing, this is a great read!
jmclnx 22 hours ago Luckily my site uses Plesk after moving away from cPanel years ago.I have to wonder if this issue is due to never reviewing auto-test scripts ?I know where I worked, testing is now an afterthought and half the time testing means no issues compiling and deploying :)We had a separate testing group and they caught lots of issues. But due to Agile, they were all fired years ago. cestith 19 hours ago Plesk is a separate team owned by the same parent company.
There must be so many (small) shared hosting companies that don't update their software, those poor customers.
With this (CVE-2026-41940) and copy.fail (CVE-2026-3143), it must be an exciting time in the shared hosting business right now… Glad I've been out of it for a long time.
Which are the safest control panels^ ? Been thinking about Hostineer which developed and dogfooded ApisCP over 20 years.
[^] a product made for commercial operators stuffing thousands of PHP sites into a server, so no Coolify, Google Cloud Run.
A full breakdown of the vulnerability: https://labs.watchtowr.com/the-internet-is-falling-down-fall...
Thanks for sharing, this is a great read!
Luckily my site uses Plesk after moving away from cPanel years ago.
I have to wonder if this issue is due to never reviewing auto-test scripts ?
I know where I worked, testing is now an afterthought and half the time testing means no issues compiling and deploying :)
We had a separate testing group and they caught lots of issues. But due to Agile, they were all fired years ago.
Plesk is a separate team owned by the same parent company.