Hi Huy,

I installed EA4V on a staging environment in late February 2026. Within hours, I started seeing brute-force login attempts against the username “ea4vxuser”, 203 attempts across 284 IPs between February 28 and March 2.

The timing is too precise to be coincidental. It appears that bots already have this default username in their credential-stuffing wordlists, which means either the username has been enumerated from other EA4V installations or it is publicly known.

None of the attempts succeeded, but a security liability for your users.  Happy to share the activity log if it helps.

Thanks,

Peter