FreePBX patched 2025 flaws allowing SQL injection, file upload attacks, and an auth bypass only when webserver AUTHTYPE was ...

September 2025 CVEs made it clear this was not a quiet month for security teams. Critical flaws surfaced, active exploits were spotted, and the systems we rely on every day suddenly looked far less ...

The US cybersecurity agency CISA issued a fresh warning that a missing authentication vulnerability in TP-Link TL-WA855RE Wi-Fi range extender products has been exploited in attacks. Tracked as ...

Tracked as CVE-2025-57819 (CVSS score of 10/10), the bug is described as an insufficient sanitization of user-supplied data. Sangoma has released emergency patches for a zero-day vulnerability ...

Infosec In brief A flaw in Meta's WhatsApp app “may have been exploited in a sophisticated attack against specific targeted users.” Meta made that alarming admission last week in a security advisory ...

The Sangoma FreePBX Security Team has issued an advisory warning about an actively exploited FreePBX zero-day vulnerability that impacts systems with an administrator control panel (ACP) exposed to ...

Due to ongoing attacks, administrators of telephony and VoIP systems with FreePBX-GUI should secure their systems with an interim solution. A post by a team member in the FreePBX forum indicates that ...

The Sangoma FreePBX Security Team is warning about an actively exploited FreePBX zero-day vulnerability that impacts systems with the Administrator Control Panel (ACP) is exposed to the internet.

The Sangoma FreePBX Security Team is warning about an actively exploited FreePBX zero-day vulnerability that impacts systems with the Administrator Control Panel (ACP) is exposed to the internet. A ...

Meta has come out swinging following the European Commission's decision that its pay-or-consent model falls foul of the Digital Markets Act (DMA). In a post, the company stated: "This decision is both ...