Information security
fromThe Hacker News
5 hours ago900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks
Over 900 Sangoma FreePBX instances remain infected with web shells from CVE-2025-64328 exploitation, with 401 located in the U.S., actively exploited by threat actors delivering EncystPHP web shells.