Hackers Exploiting FreePBX Vulnerability to Deploy Webshell and Gain Control of Systems

A sophisticated attack campaign leveraging a critical FreePBX vulnerability to deploy a persistent webshell dubbed “EncystPHP,” enabling threat actors to gain complete administrative control over compromised VoIP systems. The campaign, launched in early December 2025, exploits CVE-2025-64328, a post-authentication command-injection flaw in the FreePBX Endpoint Manager’s administrative interface. The malicious activity is attributed to INJ3CTOR3, […]

The post https://cybersecuritynews.com/freepbx-vulnerability-exploited/

.

https://cybersecuritynews.com/freepbx-vulnerability-exploited/