The following has been emailed to all active and/or suspended CubedHost Minecraft customers.
** Please note ** Absolutely NO CubedHost services have been compromised. This is a general Minecraft security advisory.
We have recently become aware of a (working) exploit for the Minecraft protocol, that is a high risk to any server that is in online-mode and using an older CraftBukkit / Spigot build, or vanilla Minecraft.
This security exploit essentially allows for any user to authenticate as any player on your server. We have tested this exploit, and it does indeed work, making this a fairly high security risk.
We recommend that you update to the latest version of CraftBukkit / Spigot immediately.
As far as we’re currently aware, there is no fix with the Vanilla Minecraft server as of yet.
To update your server, please follow this knowledgebase article.