In early February, CISA warned of attacks on FreePBX instances. Currently, hundreds of compromised installations are online.

Over 900 FreePBX systems remain infected after CVE-2025-64328 exploitation, now listed in CISA KEV amid active attacks.

Hackers exploited CVE-2025-64328, a FreePBX command injection vulnerability, to infect hundreds of instances with web shells.

AUGUSTA, Ga. — You couldn’t help but feel a bit of déjà vu when Asterisk Talley approached the microphone to speak with the media after her practice round Friday at Augusta National, 18 holes ...

LONDON--(BUSINESS WIRE)--UK company Threads Software Ltd today announces the release of its call transcription module for the FreePBX, a cloud-based telephone system. Built around the open-source ...

I have a cloned freepbx v17 vm with asterisk 21. I'll execute asterisk-version-switch to change asterisk to v20. In between the installation, I'm getting this dialog box which says "Daemons using ...

In freepbx v17, if asterisk is downgraded from 21 to 20, then SIP driver option doesn't appear immediately. We have do some additional steps for it to appear. We have to go to UI > settings > advanced ...

An endless source of amusement for those of advancing years can come from handing a rotary phone to a teenager and asking them to dial a number with it. It’s rare for them to be stumped by a piece of ...

There’s an ongoing campaign that’s compromising FreePBX systems around the world. It seems to be aimed specifically at Elastix systems, using CVE-2021-45461, a really nasty Remote Code Execution (RCE) ...

Security researchers with Palo Alto Networks have detailed a recent campaign targeting the Elastix system in Digium phones with a web shell that allows attackers to drop and execute additional ...