Dear Client,
We would like to inform you about a recently disclosed critical security vulnerability in cPanel & WHM (CVE-2026-41940, CVSS 9.8), which has been actively exploited in the wild.
read official string here: https://support.cpanel.net/hc/en-us/articles/40073787579671-Security-CVE-2026-41940-cPanel-WHM-WP2-Security-Update-04-28-2026
What happened?
Attackers were targeting servers that had not been updated to the latest cPanel version. In some cases, malicious scripts (such as a botnet named nuclear.x86) were injected to gain unauthorized access and perform suspicious activities like scanning accounts and collecting information.
Our Status
We want to assure you that our infrastructure has been reviewed and secured. Necessary updates and preventive measures have already been implemented, and our servers are currently safe and stable. No data loss has been detected.
Action Required From Your Side (Important)
Even though everything is secure from our end, we strongly recommend you take the following precautions:
- Change your cPanel/WHM account password immediately
- Use a strong password (combination of uppercase, lowercase, numbers, and special characters)
- Update passwords for:
- Email accounts
- FTP accounts
- Databases (MySQL/PostgreSQL)
If You Notice Anything Suspicious
If you feel your website or account may have been compromised (unexpected changes, unknown files, slow performance, etc.), please raise a support ticket immediately so our team can investigate and assist you.
Your security is our top priority, and we are continuously monitoring and strengthening our systems.
If you need any help with password updates or security checks, feel free to contact our support team.
Best regards,
Support Team
HostAsia
Sonntag, Mai 3, 2026
