#cve-2025-64328
#cve-2025-64328

[ follow ]

Information security

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

Over 900 Sangoma FreePBX instances remain infected with web shells from CVE-2025-64328 exploitation, with 401 located in the U.S., actively exploited by threat actors delivering EncystPHP web shells.

fromSecurityWeek

9 hours ago

Information security

900 Sangoma FreePBX Instances Infected With Web Shells

Approximately 900 Sangoma FreePBX instances remain infected with web shells following exploitation of CVE-2025-64328, a post-authentication command injection vulnerability patched in November 2025.

fromThe Hacker News

4 hours ago

Information security

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

fromSecurityWeek

9 hours ago

Information security

900 Sangoma FreePBX Instances Infected With Web Shells

more#freepbx-security

[ Load more ]

#cve-2025-64328#cve-2025-64328

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

900 Sangoma FreePBX Instances Infected With Web Shells

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

900 Sangoma FreePBX Instances Infected With Web Shells

#cve-2025-64328
#cve-2025-64328