#cve-2025-64328
#cve-2025-64328

[ follow ]

Information security

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

Over 900 Sangoma FreePBX instances remain infected with web shells from CVE-2025-64328 exploitation, with 401 located in the U.S., actively exploited by threat actors delivering EncystPHP web shells.

fromSecurityWeek

10 hours ago

Information security

900 Sangoma FreePBX Instances Infected With Web Shells

Approximately 900 Sangoma FreePBX instances remain infected with web shells following exploitation of CVE-2025-64328, a post-authentication command injection vulnerability patched in November 2025.

fromThe Hacker News

5 hours ago

Information security

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

fromSecurityWeek

10 hours ago

Information security

900 Sangoma FreePBX Instances Infected With Web Shells

more#freepbx-security

[ Load more ]

#cve-2025-64328#cve-2025-64328

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

900 Sangoma FreePBX Instances Infected With Web Shells

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

900 Sangoma FreePBX Instances Infected With Web Shells

#cve-2025-64328
#cve-2025-64328