Hackers Exploit Critical cPanel Flaw to Breach Military Servers and Steal 4GB of Sensitive Data

Hackers exploit CVE-2026-41940, breaching SE Asian military data. 110 files stolen. Patch cPanel urgently to secure systems.

By Content Team

May 3, 2026

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

A sophisticated hacking campaign hit South-East Asian government and military targets by exploiting CVE-2026-41940, a critical CVSS 9.8 authentication bypass in cPanel and WHM. Attackers gained root-level access without valid credentials before a patch dropped on April 28, 2026. Beyond cPanel, hackers also cracked an Indonesian defense training portal using a CAPTCHA bypass and SQL injection, escalating to full OS access via PostgreSQL. The operation ended with 110 files (~4.37GB) stolen from the China Railway Society, including financial records with national ID numbers and bank details. Shadowserver tracked 44,000 IPs actively scanning for vulnerable servers. Patch cPanel immediately.

Source: Cybersecurity News

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Hackers Compromise 700+ Next.js Servers Using React2Shell Exploit

Apr 3, 2026

Google's Vertex AI Default Settings Allow Privilege Escalation Attacks

Jan 18, 2026

Critical 'MongoBleed' Bug Under Active Attack, Patch Now

Jan 6, 2026

Hackers Exploit Critical Quest KACE Flaw to Take Over Management Systems

Mar 21, 2026