Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks

bleepingcomputer.com·May 2, 2026

A critical flaw in cPanel, tracked as CVE-2026-41940, is being exploited in widespread "Sorry" ransomware attacks that breach websites and encrypt data. Users are urged to apply emergency updates to protect their systems as thousands of IP addresses have already been compromised.

The critical takeaway for you as a cybersecurity professional is the active exploitation of a zero-day vulnerability (CVE-2026-41940) in cPanel, leading to "Sorry" ransomware attacks. It's crucial to ensure that all cPanel and WHM users immediately apply the available security updates to prevent unauthorized access and data encryption, highlighting the importance of timely patch management in your security strategy.

Want more content like this?

twixb tracks your favorite blogs and social media, filters by keywords, and delivers personalized key learnings — straight to your inbox.

Create Your Own →Explore Newsfeeds

More from Cybersecurity News

Recent stories curated alongside this one.

Browse all Cybersecurity News →

Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks

Want more content like this?

More from Cybersecurity News

OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation

iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android

Linux bitten by second severe vulnerability in as many weeks

TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor