Securityaffairs.Co
Critical cPanel Vulnerability Exploited in Southeast Asia Cyber Attacks
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
A sophisticated cyber campaign has exploited a critical cPanel vulnerability (CVE-2026-41940) to breach government and military servers in Southeast Asia, particularly targeting Indonesia. The attackers utilized a custom zero-day exploit chain to access sensitive information, exfiltrating over 4GB of documents related to Chinese railway projects. The vulnerability was published on April 29, 2026, and was actively exploited as of April 30, 2026. In addition to Indonesian targets, the campaign has also affected managed service providers (MSPs) in countries including the Philippines, Laos, Canada, and the U.S. The attack highlights the urgent need for organizations to patch this critical vulnerability to prevent further exploitation. Current assessments indicate that the threat remains active and evolving.
Key Points: • CVE-2026-41940 is a critical cPanel vulnerability with a CVSS score of 9.8. • Over 4GB of sensitive documents were exfiltrated from targeted servers. • The attack impacts government and military organizations across Southeast Asia and beyond.