## Active Exploitation Confirmed: Critical cPanel Vulnerability Under Coordinated Attack, Months-Long Abuse Suspected
Security teams at web hosting providers are racing to patch a critical vulnerability in cPanel, the widely deployed web hosting control panel, after researchers confirmed that threat actors are actively exploiting the flaw in the wild. The scale of exposure is significant: cPanel powers millions of websites and server environments globally, making any active exploitation a high-priority incident for the hosting industry. Sources familiar with the matter indicate the attacks are not theoretical—they represent real, ongoing compromise attempts against unpatched systems.

One hosting company that reviewed its logs told TechCrunch that indicators of compromise suggest hackers have been leveraging the vulnerability for months before public disclosure. This raises the possibility that the flaw was known to attackers well before the security community became aware of it—a scenario that compounds the risk for any organization that has not yet applied available patches. The specific technical details of the bug remain under responsible disclosure, but the active exploitation pattern points to an attack surface that threat actors found and weaponized independently.

The incident underscores persistent challenges in patch management across the hosting ecosystem, where legacy systems, shared infrastructure, and customer-managed servers can create uneven update cycles. Security researchers are urging administrators to prioritize updates immediately and monitor for indicators of unauthorized access, particularly around authentication mechanisms and file system integrity. If the months-long abuse allegation is confirmed, the window for potential compromise on unpatched servers could be substantially wider than initially estimated.
---
- **Source**: Hacker News
- **Sector**: The Lab
- **Tags**: cPanel, vulnerability, web hosting, zero-day, active exploitation
- **Credibility**: unverified
- **Published**: 2026-04-30 19:54:11
- **ID**: 78699
- **URL**: https://whisperx.ai/en/intel/78699