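Recently, the Shadowserver Foundation issued an alert revealing the startling fact that more than 900 Sangoma FreePBX instances have been hit by web shell attacks. This series of attacks began in December 2024; the attackers exploited a command injection vulnerability tracked as CVE-2025-64328, leaving these systems at extreme risk.
The Shadowserver Foundation disclosed that more than 900 Sangoma FreePBX instances are still infected with web shells, with attackers exploiting the command injection vulnerability CVE-2025-64328 to launch the attacks. Of the infected instances, 401 are located in the United States, and the rest are distributed across Brazil, Canada, Germany, France and other countries. This high-severity vulnerability affects versions 17.0.2.36 and above and has been fixed in version 17.0.3. The US cybersecurity agency has added the vulnerability to its Known Exploited Vulnerabilities catalog and advises users to update to the latest version as soon as possible.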
If you were running an Exchange server in the United States, it could have been compromised, and somewhat mitigated by the FBI without your knowledge. The Department of Justice revealed on Tuesday ...
Malware known as China Chopper is behind the recent headline-making attacks against vulnerable Microsoft Exchange Servers worldwide. China Chopper is a type of malicious software known as a Web shell, ...
Web shells, a common type of post-exploitation tool that provides an easy-to-use interface through which to issue commands to a compromised server, have become increasingly popular as attackers become ...
A court-approved FBI operation was conducted to remove web shells from compromised US-based Microsoft Exchange servers without first notifying the servers' owners. On March 2nd, Microsoft released a ...