Weekly Cybersecurity Threat Briefing — June 1, 2026
## 1. 🔴 cPanel Authentication Bypass — Mass Exploitation & Ransomware (CRITICAL) **What happened:** A critical authentication bypass vulnerability in cPanel and WHM (CVE-2026-41940, CVSS 9.8) has been under mass exploitation since February. Attackers are using this flaw to gain root access to web hosting servers, deploy "SORRY" ransomware, and conscript servers into botnets. Over 1.5 million internet-facing cPanel instances were at risk, with at least 44,000 confirmed compromises. **Who's affected:** Any business using cPanel-based web hosting — which includes a huge number of small business websites. **Risk Level:** 🔴 CRITICAL **What to do:** - Contact your hosting provider immediately and ask if they've patched CVE-2026-41940 - If you self-host with cPanel, update to the latest version *today* - Rotate all cPanel and WHM passwords - Check your site for signs of compromise (unexpected files, redirects, or performance issues) --- ## 2. 🔴 Microsoft Patch Tuesday...




