South-East Asian Military Entities Targeted via cPanel (CVE-2026-41940)
Updated:
Executive Summary
[object Object]
Analysis
Originally published by r/blueteamsec on May 3, 2026.
Related Threats
13 new critical holes in JavaScript sandbox allow execution of arbitrary code
Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code to escape the container and do nasty things to IT environments. As a result, developers using this library in their applications are urged to update the software to the latest version, which is currently 3.11.2. The warnings come in advisories from vm2 maintainer Patrik Simek
Kraken owner to pay $600m for stablecoin infrastructure firm Reap
The parent company of crypto exchange Kraken has agreed its second major acquisition in a matter of weeks, striking a $600 million deal to acquire stablecoin-native, card issuing and payments infrastructure platform Reap Technologies.
Credit Karma opens up membership to America's 'credit invisible'
Intuit-owned Credit Karma is now letting the 17 million Americans without a credit score open accounts, paving the way for them to emerge from "financial invisibility.