Connect with us

News

Hackers are actively exploiting a bug in cPanel, used by millions of websites

info

Published

on

Cpanel security flaw bug.jpeg

Security researchers are sounding the alarm on a newly discovered vulnerability in the widely used web server management software cPanel and WebHost Manager (WHM). 

The bug allows hackers to hijack and take full control of the servers running the affected software, which is thought to be used by tens of millions of website owners around the world.

Many commercial web hosting companies have patched their customers’ systems already. But the cPanel maker urged customers to ensure that their systems are patched as the bug affects all supported versions of the software.

cPanel and WHM are two software suites used for managing web servers that host websites, manage emails, and handle important configurations and databases needed to maintain an internet domain. The two suites have deep-access to the servers that they manage, allowing a malicious hacker potentially unrestricted access to data managed by the affected software.

The bug, officially tracked as CVE-2026-41940, allows malicious hackers to remotely bypass its login screen to gain full access to the software’s administration panel. 

Given the ubiquity of the cPanel and WHM software across the web hosting industry, hackers could compromise potentially large numbers of websites that haven’t patched the bug.

Canada’s national cybersecurity agency said in an advisory that the bug could be exploited to compromise websites on shared hosting servers, such as large web hosting companies.

The agency said that “exploitation is highly probable” and that immediate action from cPanel customers, or their web hosts, is necessary to prevent malicious access.

Web hosting giant Namecheap, which uses cPanel to allow its customers to manage their web servers, said the company blocked access to customers’ cPanel panels after learning of the flaw to prevent exploitation, and to give it time to patch its customers’ systems

Hostgator also said it patched its systems and is considering the bug a “critical authentication-bypass exploit.”

One web hosting company says it found evidence that hackers have been abusing the vulnerability for months before the attempts were discovered.

KnownHost CEO Daniel Pearson said in a post on Reddit that his company has seen attempts to exploit the vulnerability as far back as February 23. The company said it also briefly began blocking access to customer systems before applying patches.

According to Pearson, around 30 servers at KnownHost showed signs of unauthorized attempted access out of thousands of computers on its network. Pearson likened the efforts to attempts, and has not seen signs of active compromise. cPanel also said it rolled out a security fix for WP Squared, a similar tool for managing WordPress websites.

When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

News

NDLEA arrests Nigerian-British grandma with 13kg of cocaine hidden in plantain peels

info

Published

on

By

Dadda.png

The National Drug Law Enforcement Agency (NDLEA) has arrested a 67-year-old Nigerian-British grandma following the discovery of 13kg of cocaine in her luggage at the Murtala Muhammed International Airport (MMIA), Ikeja, Lagos.

NDLEA spokesperson Femi Babafemi said in a statement on Sunday that the drugs were concealed in peels of plantain, which appeared as real plantains and were packed among other food items.

Mr Babafemi said the suspect, who works as a caregiver in the UK, was arrested at the departure hall of Terminal 2 of the Lagos airport while attempting to board a Virgin Atlantic airline flight to London on Sunday, June 28.

He said a thorough search of her bags resulted in the discovery of 31 big wraps of cocaine, which were packaged to appear like plantain hands, weighing a total of 13 kilogrammes.

“In her statement, the elderly woman admitted full ownership of the recovered cocaine exhibits,” he said.

The NDLEA spokesman said that a sting operation in the Ekwusigo Local Government Area of Anambra State on Monday, June 29, resulted in the arrest of a 45-year-old PhD student at the University of Putra, Malaysia, over the seizure of 5.80kg  of cocaine.

Mr Babafemi said the drugs were concealed in the walls of nine cartons of Orijin bitters, a consignment that was part of a consolidated cargo heading to Kuala Lumpur, Malaysia.

He said the arrest of the suspect in Anambra followed the interception of 36 parcels of cocaine, with a gross weight of 5.80kg, concealed within the walls of the herbal drink cartons.

“Four suspects were initially arrested in parts of Lagos during investigations, including a driver who conveyed the consignment to the cargo agent.

“Also, a trader at ASPANDA market, Trade Fair Complex, Lagos, who handed over the consignment to the driver for delivery to the cargo agent.

“There was also an accomplice who supplied the cartons of Origin bitters used in concealing the cocaine.

“The efforts eventually paid off, leading to the unmasking of the main suspect hiding in his village, Aziora, Ozubulu, Anambra, as the leader of the syndicate,” he said.

In another development, in Taraba, NDLEA operatives acting on credible intelligence on Saturday, July 4, arrested a suspect with 43,980 capsules of Tramadol.

Mr Babafemi said the drugs were concealed inside two vehicle fuel tanks along Zaki-biam road, Wukari Local Government Area of the state, while coming from Onitsha, Anambra state.

“Two suspects were arrested in possession of 1.7 kilogrammes of methamphetamine by NDLEA officers on Thursday, July 2, during a raid operation at Gwantu, Gwantu LGA, Kaduna State.

“A 65-year-old suspect was nabbed with 231.7kg skunk at Ikwo, Ebonyi State, on Saturday,”he said.

Similarly, a 75-year-old grandpa was arrested in possession of 15kg of skunk in Kurgwi, Qua’anpan Local Government Area (LGA), Plateau, on Friday, July 3.

Additionally, in Gombe State, NDLEA operatives, acting on credible intelligence on Wednesday, arrested two suspects in Kuri village, Yamaltu-Deba LGA, where they were found with 587 blocks of cannabis sativa, weighing 556kg.

Mr Babafemi said commands and formations of the agency across the country have continued the War Against Drug Abuse (WADA) sensitisation activities.

He said the campaigns were carried out in schools, worship centres, workplaces, and communities, among others, in the past week.

Mr Babafemi added that the agency took the campaign to students and staff of Girls Secondary School, Abagana, Anambra, and Government Technical College, Obe, Enugu.

Others include Adeola Odutola College, Ijebu Ode, Ogun State, and FCE Staff Demonstration School, Kabuga, Kano State.

The NDLEA chairman, retired Brig.-Gen. Buba Marwa, commended the officers and men of the MMIA, Taraba, Kaduna, Ebonyi, Plateau, and Gombe Commands for the arrests and seizures.

He tasked officers to continue to raise the operational bar.

(NAN)

Continue Reading

News

STATEMENT MADE! D’TIGERS COMPLETE PERFECT 3-0 SWEEP WITH 44-POINT ROUT OF RWANDA

info

Published

on

By

Nigeria’s senior men’s basketball team, D’Tigers, have served notice to the rest of Africa after wrapping up the latest FIBA Basketball World Cup African Qualifiers window with a flawless 3-0 record, crowned by a dominant 106-62 demolition of Rwanda.

In a performance that underlined their resurgence, D’Tigers overwhelmed Rwanda from the opening tip, controlling both ends of the floor and never allowing their opponents a route back into the contest. Nigeria stormed to a 25-14 first-quarter lead, stretched the advantage to 49-29 at halftime, and produced an even more devastating second half to seal an emphatic 44-point victory.

Read Also: Caleb Agada, Uche Iroegbu Lead Nigeria’s Assault On Rwanda In Third Game At FIBA World Cup Qulaiifers | Sports247 Nigeria

The result was the perfect ending to an outstanding qualification window in which Nigeria rediscovered the grit, chemistry, and confidence that have long made D’Tigers one of Africa’s elite basketball nations.

The journey began with a hard-earned 84-81 victory over Tunisia, where Nigeria showed remarkable composure to overcome one of the continent’s traditional powerhouses. They followed it with another nail-biting triumph, edging Guinea 80-79 in dramatic fashion to end Guinea’s unbeaten run and keep their own perfect record intact.

With momentum fully on their side, D’Tigers saved their most complete performance for the final game. Against Rwanda, the Nigerian side delivered an attacking masterclass, moving the ball brilliantly, defending with intensity, and scoring at will as they cruised to a commanding 106-62 victory.

The perfect 3-0 sweep not only secured Nigeria’s place in the next phase of the qualifiers but also sent a powerful warning to every team still standing in the race for the 2027 FIBA Basketball World Cup.

After questions were raised about the team’s fortunes in recent years, D’Tigers have answered in the best possible way—on the court. Three games, three wins, and a renewed belief that Nigerian basketball is once again on the rise.

Nigeria’s Results

🏀 🇳🇬 Nigeria 84-81 Tunisia
🏀 🇳🇬 Nigeria 80-79 Guinea
🏀 🇳🇬 Nigeria 106-62 Rwanda

Three games. Three victories. A perfect window.

D’Tigers didn’t just win—they made a statement. Africa has been put on notice

Continue Reading

Trending