The Hacker News

FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE

FreePBX patched 2025 flaws allowing SQL injection, file upload attacks, and an auth bypass only when webserver AUTHTYPE was ...
Business Wire

Threads® Announces Call Transcription Module for FreePBX

LONDON--(BUSINESS WIRE)--UK company Threads Software Ltd today announces the release of its call transcription module for the FreePBX, a cloud-based telephone system. Built around the open-source ...
Bleeping Computer

FreePBX servers hacked via zero-day, emergency fix released

The Sangoma FreePBX Security Team is warning about an actively exploited FreePBX zero-day vulnerability that impacts systems with the Administrator Control Panel (ACP) is exposed to the internet.
heise online

Waiting for security patch: Attacks on FreePBX telephony and VoIP GUI

Due to ongoing attacks, administrators of telephony and VoIP systems with FreePBX-GUI should secure their systems with an interim solution. A post by a team member in the FreePBX forum indicates that ...