Information security
fromSecurityWeek
6 hours ago900 Sangoma FreePBX Instances Infected With Web Shells
Approximately 900 Sangoma FreePBX instances remain infected with web shells following exploitation of CVE-2025-64328, a post-authentication command injection vulnerability patched in November 2025.