Category: Uncategorized

By Seher Dareen and Dmitry Zhdannikov

LONDON, March 1 (Reuters) – Brent crude jumped 10% to about $80 a barrel over the counter on Sunday, ‌oil traders said, while analysts predicted that prices could climb as high ‌as $100 after U.S. and Israeli strikes on Iran plunged the Middle East into a new war.

“While ​the military attacks are themselves supportive for oil prices, the key factor here is the closing of the Strait of Hormuz,” said Ajay Parmar, director of energy and refining at ICIS.

Most tanker owners, oil majors and trading houses have suspended crude ‌oil, fuel and liquefied natural ⁠gas shipments via the Strait of Hormuz, trade sources said, after Tehran warned ships against moving through the waterway. More than ⁠20% of global oil is moved through the Strait of Hormuz.

“We expect prices to open (after the weekend) much closer to $100 a barrel and perhaps exceed that level ​if we ​see a prolonged outage of the Strait,” ​Parmar said.

Middle East leaders have ‌warned Washington that a war on Iran could lead to oil prices jumping to more than $100 a barrel, said RBC analyst Helima Croft. Barclays analysts also said prices could hit $100.

The OPEC+ group of oil producers agreed on Sunday to raise output by 206,000 barrels per day (bpd) from April, a modest increase representing ‌less than 0.2% of global demand.

While some alternate ​infrastructure could be used to bypass the Strait ​of Hormuz, the net impact ​from its closure would be a loss of 8 million ‌to 10 million bpd of crude ​oil supply even after ​diverting some flows through Saudi Arabia’s East-West pipeline and Abu Dhabi pipeline, said Rystad energy economist Jorge Leon.

Rystad expects prices to rise by $20 to ​about $92 a barrel when ‌trade opens.

The Iran crisis also prompted Asian governments and refiners to ​assess oil stockpiles and alternative shipping routes and supplies.

(Reporting by Seher ​Dareen and Dmitry ZhdannikovEditing by David Goodman)

Ravie LakshmananFeb 27, 2026Network Security / Vulnerability

The Shadowserver Foundation has revealed that over 900 Sangoma FreePBX instances still remain infected with web shells as part of attacks that exploited a command injection vulnerability starting in December 2025.

Of these, 401 instances are located in the U.S., followed by 51 in Brazil, 43 in Canada, 40 in Germany, and 36 in France.

The non-profit entity said the compromises are likely accomplished via the exploitation of CVE-2025-64328 (CVSS score: 8.6), a high-severity security flaw that could enable post-authentication command injection.

“The impact is that any user with access to the FreePBX Administration panel could leverage this vulnerability to execute arbitrary shell commands on the underlying host,” FreePBX said in an advisory for the flaw in November 2025. “An attacker could leverage this to obtain remote access to the system as the asterisk user.”

The vulnerability affects FreePBX versions higher than and including 17.0.2.36. It was resolved in version 17.0.3. As mitigations, it’s advised to add security controls to ensure that only authorized users have access to the FreePBX Administrator Control Panel (ACP), restrict access from hostile networks to the ACP, and update the filestore module to the latest version.

The vulnerability has since come under active exploitation in the wild, prompting the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add it to its Known Exploited Vulnerabilities (KEV) catalog earlier this month.

Source: The Shadowserver Foundation

In a report published late last month, Fortinet FortiGuard Labs revealed that the threat actor behind the cyber fraud operation codenamed INJ3CTOR3 has been exploiting CVE-2025-64328 starting early December 2025 to deliver a web shell codenamed EncystPHP.

“By leveraging Elastix and FreePBX administrative contexts, the web shell operates with elevated privileges, enabling arbitrary command execution on the compromised host and initiating outbound call activity through the PBX environment,” the cybersecurity company noted.

FreePBX users are recommended to update their FreePBX deployments to the latest version as soon as possible to counter active threats.