{ "Event": { "analysis": "1", "date": "2026-05-02", "extends_uuid": "", "info": "[Threat Intel] Attention! cPanel/WHM CVE-2026-41940 attacks ongoing!", "protected": false, "publish_timestamp": "1779546040", "published": true, "threat_level_id": "2", "timestamp": "1777769653", "uuid": "4c5a84fd-7c99-4a8f-9408-30c6d5f59ce8", "Orgc": { "name": "Rectifyq", "uuid": "cd9bd516-61fa-476b-980f-2f8de03992d4" }, "Tag": [ { "colour": "#49a260", "local": false, "name": "rectifyq:category=\"vulnerability\"", "relationship_type": "" }, { "colour": "#170057", "local": false, "name": "rectifyq:sub-category=\"critical-vuln\"", "relationship_type": "" }, { "colour": "#ffd12e", "local": false, "name": "rectifyq:target=\"broad-based\"", "relationship_type": "" }, { "colour": "#dd2e44", "local": false, "name": "rectifyq:MY-relevancy=\"relevant\"", "relationship_type": "" }, { "colour": "#ffffff", "local": false, "name": "tlp:clear", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"Tria.ge\"", "relationship_type": "" }, { "colour": "#3800d9", "local": false, "name": "rectifyq:action-taken=\"VT-comment\"", "relationship_type": "" }, { "colour": "#3d00e9", "local": false, "name": "rectifyq:action-taken=\"telegram\"", "relationship_type": "" } ], "Attribute": [ { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1777763729", "to_ids": false, "type": "link", "uuid": "368359c3-5937-4701-99be-bbc6517fd446", "value": "https://www.linkedin.com/posts/cybercivildefense-cybersecurity-ugcPost-7455976702444290048-SDJq/", "Tag": [ { "colour": "#6b003a", "local": true, "name": "workflow:todo=\"create-missing-misp-galaxy-cluster\"", "relationship_type": "" } ] }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1777763729", "to_ids": false, "type": "link", "uuid": "115318a5-54af-487d-a31a-62914752ac56", "value": "https://support.cpanel.net/hc/en-us/articles/40073787579671-Security-CVE-2026-41940-cPanel-WHM-WP2-Security-Update-04-28-2026" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1777763729", "to_ids": false, "type": "link", "uuid": "b96cfb27-2cd1-4680-874f-961cbbd9496e", "value": "https://dashboard.shadowserver.org/statistics/honeypot/device/tree/?date_range=1&vendor=cpanel&geo=MY&data_set=count&scale=log&auto_update=on" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1777763729", "to_ids": false, "type": "link", "uuid": "94d2b322-427a-4fa5-9379-8c46b6761781", "value": "https://dashboard.shadowserver.org/statistics/honeypot/device/time-series/?date_range=7&vendor=cpanel&geo=MY&dataset=unique_ips&limit=100&group_by=vendor&stacking=stacked&auto_update=on" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1777763739", "to_ids": false, "type": "vulnerability", "uuid": "f517a711-7ee7-4170-929f-5d3604638300", "value": "CVE-2026-41940" } ] } }