I have been getting the exact same messages on my 2 CPanel boxes. The first ones came about 4 or 5 days ago and I really freaked out. I started checking everything I could, but could not find anything strange. I got a couple of those messages again today and noticed that the hackcheck.db file at the root of each one of the servers was modified this morning again.
Now that I know that you guys have been getting the same errors I feel much better. There is no chance in the world that all CPanel servers got cracked
What I noticed is that CPanel runs a checksum of many RPMs before updating itself and if the checksum does not match it will send that email message, reinstall the RPM and record it in a file called "hackcheck.db" that saves at the root partition. Now, the checksum test might not be passed if there is a network problem or the connection between the server and the CPanel server fails.