Close Menu

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    ‘Ghostcommit’ hides prompt injection in images to fool AI agents, steal secrets

    July 11, 2026

    Progress urges ShareFile admins to shut down servers over “credible” threat

    July 11, 2026

    HackTheBox – DevArea

    July 10, 2026
    Facebook X (Twitter) Instagram
    • Demos
    • Technology
    • Gaming
    • Buy Now
    Facebook X (Twitter) Instagram Pinterest Vimeo
    Canadian Cyber WatchCanadian Cyber Watch
    • Home
    • News
    • Alerts
    • Tips
    • Tools
    • Industry
    • Incidents
    • Events
    • Education
    Subscribe
    Canadian Cyber WatchCanadian Cyber Watch
    Home»News»Progress urges ShareFile admins to shut down servers over “credible” threat
    News

    Progress urges ShareFile admins to shut down servers over “credible” threat

    adminBy adminJuly 11, 2026No Comments3 Mins Read
    Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
    Share
    Facebook Twitter LinkedIn Pinterest Email


    Progress Software

    Progress Software is emailing ShareFile customers who use Storage Zone Controllers to immediately shut down their servers after identifying what it describes as a “credible external security threat” targeting the on-premises secure file-sharing software.

    ShareFile is Progress Software’s enterprise secure file sharing and collaboration platform that allows customers to host their files in Progress’ cloud infrastructure.

    However, organizations can opt to deploy Storage Zone Controllers to on-premise Windows servers to allow files to remain hosted locally within an organization’s own storage while continuing to use ShareFile’s cloud platform for authentication, user management, sharing, and collaboration.

    image

    In these hybrid deployments, the ShareFile cloud authenticates users and determines which Storage Zone contains their files. When a user uploads or downloads a file, ShareFile directs the request to the organization’s Storage Zone Controller, which retrieves or stores the file on the company’s own storage before transferring it to the user.

    Because Storage Zone Controllers handle file transfers between the cloud platform and and customer-managed storage, they are typically Internet-accessible servers.

    The warning, sent to customers in an email last night and seen by BleepingComputer, is titled “Service Disruption. Immediate Action Required.”

    “We have reason to believe there is a credible external security threat targeting Progress Software’s ShareFile Storage Zone Controllers,” reads the email.

    “Currently, we have no indication of unauthorized access to any Progress ShareFile accounts or data. As a precaution, we have temporarily disabled access to ShareFile accounts using the Storage Zone Controllers, including yours.”

    Progress is also instructing customers to manually shut down the Windows servers hosting Storage Zone Controllers, indicating that disabling access through the ShareFile cloud platform is not enough to mitigate the threat.

    “You must manually shut down the server hosting your Storage Zone Controllers. This is a critical additional step to ensure the safety of your data,” the company told customers.

    Progress says it implemented temporary restrictions out of an “abundance of caution” while working with internal and external cybersecurity experts to investigate the threat, and it plans to provide customers with another update within 24 hours.

    The ShareFile status page now shows a warning stating, “ShareFile customers with Storage Zone Controllers are not operational at this time.”

    Progress has not disclosed whether the threat involves a zero-day vulnerability or whether any Storage Zone Controllers have been compromised.

    The warning is similar to previous attacks targeting enterprise file transfer and file sharing software.

    In 2023, the Clop extortion gang exploited a zero-day vulnerability in Progress MOVEit Transfer to steal data from thousands of organizations before launching a widespread extortion campaign against victims.

    Since then, attackers have continued targeting Internet-facing managed file transfer and enterprise file-sharing platforms due to the sensitive data they often expose.

    A Progress spokesperson shared the same details provided to customers via email when asked by BleepingComputer for more information on the cyber threat.


    article image

    Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

    The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

    Get the whitepaper



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleHackTheBox – DevArea
    Next Article ‘Ghostcommit’ hides prompt injection in images to fool AI agents, steal secrets
    admin
    • Website

    Related Posts

    News

    ‘Ghostcommit’ hides prompt injection in images to fool AI agents, steal secrets

    July 11, 2026
    News

    Behind the Blog: The Promise of the Internet

    July 10, 2026
    News

    New U-Boot flaws could enable stealthy firmware attacks

    July 10, 2026
    Add A Comment

    Comments are closed.

    Demo
    Top Posts

    Catchy & Intriguing

    March 17, 202677 Views

    The Canadian Password Playbook: Navigating Compliance and Building Strong Passwords

    March 25, 202634 Views

    IP Address Investigations and Local OSINT

    March 20, 202633 Views
    Stay In Touch
    • Facebook
    • YouTube
    • TikTok
    • WhatsApp
    • Twitter
    • Instagram
    Latest Reviews
    85
    Featured

    Pico 4 Review: Should You Actually Buy One Instead Of Quest 2?

    January 15, 2021 Featured
    8.1
    Uncategorized

    A Review of the Venus Optics Argus 18mm f/0.95 MFT APO Lens

    January 15, 2021 Uncategorized
    8.9
    Editor's Picks

    DJI Avata Review: Immersive FPV Flying For Drone Enthusiasts

    January 15, 2021 Editor's Picks

    Subscribe to Updates

    Get the latest tech news from FooBar about tech, design and biz.

    Demo
    Most Popular

    Catchy & Intriguing

    March 17, 202677 Views

    The Canadian Password Playbook: Navigating Compliance and Building Strong Passwords

    March 25, 202634 Views

    IP Address Investigations and Local OSINT

    March 20, 202633 Views
    Our Picks

    ‘Ghostcommit’ hides prompt injection in images to fool AI agents, steal secrets

    July 11, 2026

    Progress urges ShareFile admins to shut down servers over “credible” threat

    July 11, 2026

    HackTheBox – DevArea

    July 10, 2026

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    Facebook X (Twitter) Instagram Pinterest
    • Home
    • Technology
    • Gaming
    • Phones
    • Buy Now
    © 2026 ThemeSphere. Designed by ThemeSphere.

    Type above and press Enter to search. Press Esc to cancel.