{"id":7146,"date":"2026-02-27T18:12:00","date_gmt":"2026-02-27T18:12:00","guid":{"rendered":"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/02\/27\/900-sangoma-freepbx-instances-compromised-in-ongoing-web-shell-attacks\/"},"modified":"2026-02-27T18:12:00","modified_gmt":"2026-02-27T18:12:00","slug":"900-sangoma-freepbx-instances-compromised-in-ongoing-web-shell-attacks","status":"publish","type":"post","link":"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/02\/27\/900-sangoma-freepbx-instances-compromised-in-ongoing-web-shell-attacks\/","title":{"rendered":"900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks"},"content":{"rendered":"<p>\u200bThe Shadowserver Foundation has revealed that over 900 Sangoma FreePBX instances still remain infected with web shells as part of attacks that exploited a command injection vulnerability starting in December 2025.<br \/>\nOf these, 401 instances are located in the U.S., followed by 51 in Brazil, 43 in Canada, 40 in Germany, and 36 in France.<br \/>\nThe non-profit entity said the compromises are likely\u00a0The Shadowserver Foundation has revealed that over 900 Sangoma FreePBX instances still remain infected with web shells as part of attacks that exploited a command injection vulnerability starting in December 2025.<br \/>\nOf these, 401 instances are located in the U.S., followed by 51 in Brazil, 43 in Canada, 40 in Germany, and 36 in France.<br \/>\nThe non-profit entity said the compromises are likely\u00a0\u00a0The Hacker News<\/p>","protected":false},"excerpt":{"rendered":"<p>\u200bThe Shadowserver Foundation has revealed that over 900 Sangoma FreePBX instances still remain infected with web shells as part of attacks that exploited a command injection vulnerability starting in December 2025. Of these, 401 instances are located in the U.S., followed by 51 in Brazil, 43 in Canada, 40 in Germany, and 36 in France.&hellip;&nbsp;<a href=\"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/02\/27\/900-sangoma-freepbx-instances-compromised-in-ongoing-web-shell-attacks\/\" class=\"\" rel=\"bookmark\">Read More &raquo;<span class=\"screen-reader-text\">900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks<\/span><\/a><\/p>\n","protected":false},"author":0,"featured_media":7147,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/7146"}],"collection":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/comments?post=7146"}],"version-history":[{"count":0,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/7146\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media\/7147"}],"wp:attachment":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media?parent=7146"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/categories?post=7146"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/tags?post=7146"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}