cPanel Security Incident Live Updates
( Update 12 – 08 May 2026 | 5:45 AM GMT )
An update regarding the servers currently undergoing recovery, restoration, migration, and final verification following the recent cPanel security incident.
Specific Server Progress:
Corporate VIP1
This server was significantly affected by the incident. We are currently performing deep recovery procedures to restore all possible data. Due to the complexity of the recovery process, the estimated resolution time is approximately 24 to 72 hours.
Corporate VIP2
The operating system reload, security patching, and restoration processes have been completed successfully. Websites are online. 100% complete.
( Update 11 – 08 May 2026 | 3:57 AM GMT )
Recovery efforts are nearing completion, and the majority of our systems are now back online.
The cPanel access remains temporarily disabled while we perform a complete system backup as a precautionary measure to help prevent any potential vulnerabilities. Access to cPanel will be restored once the backup process has been successfully completed.
Current Recovery Progress:
- Web Hosting Servers: Websites hosted on server VIP2 are now 100% online and accessible. Recovery and restoration work for server VIP1 is still ongoing. At this moment, we are unable to provide an estimated completion time (ETA).
Important Notice:
We are currently receiving a volume of support tickets as we continue to prioritize server recovery and restoration, response times may be slower than usual. Please be assured that once all services are fully restored, we will immediately focus on pending tickets and work to return support response times to normal.
( Update 10 – 07 May 2026 | 7:54 AM GMT )
We would like to provide you with the latest update regarding the ongoing cPanel security incident affecting hosting environments worldwide.
Recovery efforts are nearing completion, and the majority of our systems and services have already been successfully restored online. Our team continues to work carefully to ensure all remaining systems are stable, secure, and fully operational. However, cPanel remains temporarily disabled on all servers as a precautionary measure until cPanel Inc. releases a permanent fix for the critical vulnerability identified as CVE-2026-41940.
Current Recovery Progress:
- Web Hosting Servers: Websites hosted on server VIP2 are now 100% online. Recovery and restoration efforts for server VIP1 are still ongoing.
Please note that cPanel remains temporarily disabled across all servers as a precautionary security measure. This will remain in effect until cPanel Inc. provides a permanent solution for the critical vulnerability identified as CVE-2026-41940.
( Update 9 – 04 May 2026 | 11:19 AM GMT )
We are pleased to share the recovery process.
We are on track to have the majority of affected servers fully patched, updated, and restored online soon, while a small number of systems that were more significantly impacted continue to undergo additional recovery and verification procedures.
Please note that cPanel and Webmail access still remain temporarily disabled on certain systems as part of our ongoing security measures while final validation and security hardening activities are being completed.
Current Recovery Progress:
- Web Hosting Servers: 95% online
( Update 8 – 03 May 2026 | 4:54 PM GMT )
We would like to share a positive update regarding our ongoing recovery efforts.
The restoration process continues to progress steadily, and within the next 24 hours, we anticipate that the majority of affected servers will be fully patched, secured, and returned online. A small number of systems that experienced deeper impact from the incident may require additional recovery and validation work to ensure full stability and security before service restoration. cPanel and Webmail access still remain temporarily disabled on certain systems as part of our security precautions while additional validation and hardening procedures are completed.
We sincerely appreciate your continued patience and understanding as our team works carefully to restore all services safely and responsibly.
Current Recovery Progress:
- Web Hosting Servers: 90% online
( Update 7 – 03 May 2026 | 4:05 PM GMT )
Recovery operations remain ongoing. Approximately 60% of affected hosting servers have now been successfully restored and brought back online.
( Update 6 – 02 May 2026 | 07:37 AM GMT )
Recovery efforts continue to move forward. Approximately 40% of affected servers have been fully restored, while around 80% of hosting servers are now online.
Websites and email services on restored servers are operational. However, cPanel and Webmail access remain temporarily disabled on certain systems as part of our security precautions while additional validation and hardening procedures are completed.
( Update 5 – 02 May 2026 | 08:30 AM GMT )
Recovery work remains in progress. Approximately 15% of all servers and 30% of hosting servers have been successfully restored, upgraded, and secured. Our team continues to work on the remaining affected systems.
( Update 4 – 02 May 2026 | 06:00 AM GMT )
Server rebuilding and security patching activities are ongoing. Affected systems are being reloaded and upgraded into fully patched and secured environments prior to being returned online.
( Update 3 – 01 May 2026 | 10:30 PM GMT )
The initial recovery phase has started. Affected systems were isolated successfully, and comprehensive security validation procedures are currently underway.
( Update 2 – 01 May 2026 | 01:00 PM GMT )
As a precautionary measure, all cPanel-based servers were temporarily taken offline following reports of the actively exploited critical vulnerability (CVE-2026-41940) impacting cPanel/WHM environments globally.
( Update 1 – 01 May 2026 | 12:30 PM GMT )
A security advisory was issued, and investigation, containment, and mitigation measures were immediately initiated by our technical team.
Latest Information & Details
Full Advisory and Official Updates:
https://gomanilahost.net/clients/announcements/62/Critical-Security-Advisory-Temporary-Shutdown-of-cPanel-Based-Services.html
Technical Analysis (WatchTowr):
https://labs.watchtowr.com/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940
Community Discussion:
https://www.reddit.com/r/cpanel/comments/1syyajp/massive_cpanel_0day_auth_bypass_hits_web_hosting
Important Note
We remain committed to providing transparent and timely updates as recovery progresses. Additional announcements will continue to be posted on this page as more systems are restored and verified.
Thank you for your patience, understanding, and continued trust during this time.
Warm Regards,
GoManilaHost.Net Team
Sunday, May 3, 2026
