Nick Galatis

🚨 BREAKING: cPanel and WHM, the control panels behind an estimated 70+ million websites, have a critical security flaw that lets anyone become root admin without a password. CVE-2026-41940 affects every supported version. It’s already being exploited in the wild. watchTowr Labs published the full attack today, after the hosting company KnownHost confirmed the bug was already being used to break into a significant chunk of the internet. If you've never heard of cPanel: it's the dashboard that hosting providers and millions of website owners use to manage their servers, domains, email accounts, databases, and SSL certificates. WHM is the admin version that controls the entire server. If someone gets root access to WHM, they get the keys to the kingdom and to every apartment inside it. How the attack works, in plain English: 🔴 Step 1: The attacker sends a deliberately wrong login. cPanel still creates a temporary "you tried to log in" record on disk and gives the attacker a cookie tied to it. 🔴 Step 2: The attacker tweaks the cookie to disable cPanel's password encryption. Normally cPanel encrypts the password field on disk. With one small change to the cookie, cPanel just stores it as plain text instead. 🔴 Step 3: The attacker sends a fake login attempt where the password field secretly contains hidden line breaks. cPanel does not strip these line breaks out, so they get written straight to the session file. Each line break creates a brand new fake record. The attacker uses this to inject lines that say "this user is root" and "this user already authenticated successfully." 🔴 Step 4: The attacker visits one more random page on the site to nudge cPanel into re-reading the file. cPanel then promotes the injected fake lines into its main session memory. 🔴 Step 5: On the next request, cPanel sees a flag that says "this user already passed the password check." cPanel trusts that flag, skips checking the actual password, and lets the attacker in as root. From start to finish, the attack takes a handful of HTTP requests. If you run cPanel or WHM, the patched versions are: 🔴 cPanel/WHM 110.0.x → 11.110.0.97 🔴 cPanel/WHM 118.0.x → 11.118.0.63 🔴 cPanel/WHM 126.0.x → 11.126.0.54 🔴 cPanel/WHM 132.0.x → 11.132.0.29 🔴 cPanel/WHM 134.0.x → 11.134.0.20 🔴 cPanel/WHM 136.0.x → 11.136.0.5 If your version is older than these, assume someone has already broken in and act accordingly. Patch right now, then rotate every password and key the server touched: root passwords, API tokens, SSL private keys, SSH keys, mail passwords, and database passwords.

Scam Altman has a incredible track record for being a con artist I don't think anyone has a "former ally turned enemy" list this big with directly with people he worked with A massive new 18-month investigation dropped, revealing the full list of people who worked directly with Sam Altman and now openly say they don’t trust him - they call him a liar, manipulator, scam artist, and worse These are his co-founders, board members, top executives, and biggest partners. Not random haters: • Elon Musk (OpenAI co-founder) ➝ Betrayed the original nonprofit, open & safe AI mission and turned it into a closed profit machine What he says: Calls him "Scam Altman" and “Sam Altman lies as easily as he breathes” • Ilya Sutskever (OpenAI co-founder & former Chief Scientist) Why: Discovered Sam repeatedly lied about safety protocols and bypassed board oversight. What he says/did: Compiled 70+ pages of memos, Slack messages, and evidence proving Sam’s lies → helped fire him. Said he didn’t think “Sam is the guy who should have his finger on the button for AGI” • Dario Amodei (former OpenAI President, now Anthropic CEO) Why: Left because of Sam’s leadership and broken safety promises What he says: “The problem with OpenAI is Sam himself.” Called the company under Sam "mendacious” (full of lies) and compared it to Big Tobacco knowingly selling something dangerous. Accused him of a clear “pattern of behavior” • Helen Toner (former OpenAI Board Member) Why: Sam made it impossible for the board to do its job through constant deception What she says: He was “outright lying to the board” and created a “toxic atmosphere” of psychological pressure • Tasha McCauley (former OpenAI Board Member) Why: Complete loss of trust after years of the same behavior What she says: Senior leaders reported Sam cultivated a “toxic culture of lying” • Jan Leike (former Superalignment co-lead) Why: Sam deprioritized real safety work for shiny products What he says: Resigned publicly saying he “lost confidence” in OpenAI leadership and that the company was “losing its way” on alignment • Mira Murati (former CTO - one of Sam’s closest longtime collaborators) Why: Lost all confidence in his leadership as they approached AGI What she says: Told insiders “I don’t feel comfortable about Sam leading us to AGI” and said his playbook is to say whatever he needs to get what he wants, and if that fails, destroy your credibility • Microsoft executives (including major tensions with CEO Satya Nadella) Why: Felt constantly misled on deals and partnerships What they say: A senior exec warned he could be remembered as a “Bernie Madoff or Sam Bankman-Fried-level scammer” • Paul Graham (Y Combinator co-founder - Sam was YC President) Why: Long pattern of deception during his time running YC What he says: Privately told YC colleagues, “Sam had been lying to us all the time" • Loopt board & early employees (Sam’s first startup) Why: History of chaotic and deceptive behavior What they did: Employees went to the board twice trying to get him fired over lack of honesty and shady behavior These are his co-founders, board members, closest executives, and major partners who actually worked with him all say the exact same things - chronic lying, manipulation, broken trust, toxic culture, scam & deception