Filemanager

Attackers linked to Mr_Rot13 are exploiting CVE-2026-41940 in cPanel and WHM to install the Filemanager backdoor, with more than 2,000 source IPs seen in activity, according to a technical analysis by QiAnXin XLab.