影子服务器基金会披露，超过900个Sangoma FreePBX实例仍被Web Shell感染，攻击者利用命令注入漏洞CVE-2025-64328发起攻击。受感染实例中401个位于美国，其余分布在巴西、加拿大、德国和法国等国。该高危漏洞影响17.0.2.36及以上版本，已在17.0.3版本中修复。美国网络安全机构已将此漏洞列入已知被利用漏洞目录，建议用户尽快更新至最新版本。

If you were running an Exchange server in the United States, it could have been compromised, and somewhat mitigated by the FBI without your knowledge. The Department of Justice revealed on Tuesday ...

Web shells, a common type of post-exploitation tool that provides easy-to-use interface through which to issue commands to a compromised server, have become increasingly popular as attackers become ...