The Shadowserver Foundation has revealed that over 900 Sangoma
FreePBX instances still remain infected with web shells as part of
attacks that exploited a command injection vulnerability starting
in December 2025. Of these, 401 instances are located in the U.S.,
followed by 51 in Brazil, 43 in Canada, 40 in Germany, and 36 in
France. The non-profit entity said the compromises are likely
Read more https://thehackernews.com/2026/02/900-sangoma-freepbx-instances.html
