THREATNOIR
Subscribe
Back to show
Red vs Blue Show

cPanel Auth Bypass Hits 1.5 Million Servers

May 1, 2026 · 1:40

A CVSS 9.8 authentication bypass in cPanel (CVE-2026-41940) allowed unauthenticated attackers to inject malicious data into session files and gain admin ac…

X

Watch next

LiteSpeed cPanel Symlink Flaw Exploited in the Wild
1:40

LiteSpeed cPanel Symlink Flaw Exploited in the Wild

Jun 15, 2026

Miasma Worm Rides PyPI to Steal Dev Secrets
1:40

Miasma Worm Rides PyPI to Steal Dev Secrets

Jun 8, 2026

Palo Alto Auth Bypass Goes From Medium to Mayhem
1:40

Palo Alto Auth Bypass Goes From Medium to Mayhem

Jun 2, 2026

AI Slop Forks Poison Open-Source Repos
1:40

AI Slop Forks Poison Open-Source Repos

Jun 1, 2026

Fake Claude Code Sites Drop Fileless Stealer
1:40

Fake Claude Code Sites Drop Fileless Stealer

May 31, 2026

One Forged Header Bypasses Fortinet Authentication
1:40

One Forged Header Bypasses Fortinet Authentication

May 29, 2026

Ransomware Crew Walks Into Law Firms Literally
1:40

Ransomware Crew Walks Into Law Firms Literally

May 28, 2026

Hardcoded Keys Let Attackers Own Every LMS
1:40

Hardcoded Keys Let Attackers Own Every LMS

May 27, 2026

Ghost CMS SQL Injection Owns 700 Sites
1:40

Ghost CMS SQL Injection Owns 700 Sites

May 26, 2026