Over 40,000 servers have likely been compromised in ongoing attacks targeted at a recently patched cPanel zero-day.