server security
Coverage of server security in the Nexus archive.
- The Internet Is Falling Down- CPanel/WHM Authentication Bypass CVE-2026-41940
A critical authentication bypass vulnerability, CVE-2026-41940, has been discovered in CPanel/WHM, allowing attackers to bypass login screens and gain unauthorized access. The flaw, reported by Watchtowr Labs, has sparked widespread concern about server security.
- Hackers exploit file upload bug in Breeze Cache WordPress plugin
Hackers are exploiting a critical vulnerability in the Breeze Cache WordPress plugin that allows unauthorized arbitrary file uploads to servers. The flaw, which requires no authentication, is being actively used to compromise WordPress sites.
- Sharing isn’t caring if it’s an admin password
The article discusses the risks of sharing admin passwords, highlighting how poor security practices by developers can lead to significant vulnerabilities. It references the 'PWNED' column, which showcases examples of bad server security decisions.