Sangoma — Cyber Attacks, Breaches & Threat Activity

Threat entity extracted from intelligence sources

Frequency
6
occurrences
First Seen
February 4, 2026
Last Seen
May 22, 2026

Sangoma is a organization tracked across 4 threat clusters and 6 intelligence report mentions on ThreatCluster. First observed February 4, 2026; most recent activity May 22, 2026.

Related Threat Clusters

Recent Intelligence Reports

  • INJ3CTOR3 Deploys JOMANGY Webshell in Advanced FreePBX Attacks — Thecyberexpress · May 22, 2026
  • Ongoing Cyberattack Exploits Sangoma FreePBX CVE-2025-64328: Over 900 Instances ... — Rescana · March 1, 2026
  • CVE-2025-64328 exploitation impacts 900 Sangoma FreePBX instances — Securityaffairs · March 1, 2026
  • WARNING: ~900 Sangoma FreePBX systems remain compromised via CVE-2025-64328, a ... — X · February 27, 2026
  • 900 Sangoma FreePBX Instances Infected With Web Shells — Feeds.Feedburner · February 27, 2026
  • Alert! CISA warns of 4 exploited vulnerabilities — Cybersecurityconnect.Au · February 4, 2026

CVSS v3.1 Breakdown