The Circuitry
THE CIRCUITRYYour one-stop source for all tech news
HOMETODAYNEWSFEEDEVENTS
BOOKMARKS
RSS
© 2026 The Circuitry
About UsSourcesContactCorrectionsPrivacy
  • Today
  • Feed
  • Events
  • Saved
Scroll for more
Verification
VERIFIEDConfidence: HIGH
Source identified
Claims cross-referenced
No discrepancies found
Fact-check summary

BleepingComputer reports the story; Reddit sysadmin users confirm receiving matching Progress emails directing immediate shutdown of ShareFile Storage Zone Controllers.

1 caveat
  • ▲Story published today with no corroboration yet from other major outlets — recent development.
Sourcing
1source

via BleepingComputer

BleepingComputer · track record
63Stories
100%Verified
3430d
All sources →
Home/Tech/Progress tells ShareFile on-premises users to power down servers over reported threat
VERIFIEDBy Xavier Rivera· ·2 min read

Progress tells ShareFile on-premises users to power down servers over reported threat

Progress Software has begun contacting organizations that run Storage Zone Controllers for its ShareFile platform, directing them to turn off the associated Windows servers at once because of what the firm calls a "credible external security threat" aimed at the on-premises component. Cloud access has been blocked as a precaution while the company and outside experts investigate.

Source:BleepingComputer
Post
Progress tells ShareFile on-premises users to power down servers over reported threat
TL;DRAI · 60 sec read

Progress Software orders ShareFile users running on-premises Storage Zone Controllers to shut down their Windows servers at once over a reported external security threat. The firm has already blocked cloud access for those accounts but says that step alone is insufficient to protect data. An investigation continues with a further update due within 24 hours.

Developing storymonitoring for updates
This story is still unfolding. Confirmed developments will appear here.
Progress Software has begun contacting organizations that run Storage Zone Controllers for its ShareFile platform, directing them to turn off the associated Windows servers at once because of what the firm calls a "credible external security threat" aimed at the on-premises component.

Progress emails customers with urgent instructions. In a message sent July 9, 2026 and headed "Service Disruption. Immediate Action Required," the company stated, "We have reason to believe there is a credible external security threat targeting Progress Software's ShareFile Storage Zone Controllers."

The vendor added that it sees "no indication of unauthorized access to any Progress ShareFile accounts or data" and has therefore blocked cloud access for all accounts tied to Storage Zone Controllers.
We have reason to believe there is a credible external security threat targeting Progress Software's ShareFile Storage Zone Controllers.

Cloud access disablement deemed insufficient. Simply cutting off the cloud connection proved inadequate, according to Progress, which told recipients they must also shut down the servers themselves. "You must manually shut down the server hosting your Storage Zone Controllers. This is a critical additional step to ensure the safety of your data," the email instructed.

ShareFile itself functions as an enterprise-grade secure file sharing and collaboration service whose default storage lives in Progress's cloud.
From The CircuitryThe Feed — live briefs across tech, all day.See what’s happening →

Storage Zone Controllers explained. Customers may choose a hybrid model by installing Storage Zone Controllers on their own Windows servers so that files stay inside corporate storage. In such setups the ShareFile cloud still manages login, permissions, sharing links and oversight, while routing actual upload and download traffic through the on-premise controller to reach the local disks.
This is a critical additional step to ensure the safety of your data,

Because these controllers sit between the internet-facing cloud service and internal storage, they are normally reachable from outside the organization.

Investigation and next steps outlined. The company said it took the temporary measures "out of an abundance of caution" and is now collaborating with both internal staff and outside cybersecurity specialists to examine the situation. A further customer notice is promised inside 24 hours. The ShareFile status page currently warns that installations relying on Storage Zone Controllers remain offline.
Progress has not revealed whether the risk stems from a previously unknown flaw or if any controllers have already been breached. The alert follows a pattern of earlier campaigns that singled out internet-exposed enterprise file-transfer and sharing products, including the Clop gang's 2023 zero-day attacks on Progress MOVEit Transfer.

EXPERT TAKE

Enterprise file-sharing platforms with hybrid on-prem components remain high-value targets; immediate server shutdowns like this underscore the need for rapid isolation when threats surface.

Why this mattersAI · ~100 words

Tap a lens to see what this story means for you.

Reader-supported
DonateBuy me a coffee →Follow@thecircuitry_ →Follow@thecircuitry.to →

Reader-supported · Daily Brief

Daily brief at 7 AM ET. Top tech stories, every morning. Sourced and fact-checked.

HELP US IMPROVE
From The Circuitry

See what’s happening right now

The Feed runs all day — short, verified briefs the moment they break.

Open the Feed →
From The Circuitry

Follow @thecircuitry_

Every story we publish, as it happens. No noise between.

Follow on X ↗On Bluesky ↗

Reader-supported

The Circuitry is a passion project I've always wanted to build, and I love the work behind it.

Running it costs real money. APIs, hosting, time. To keep improving the site and growing this into something useful for everyone, those costs have to be covered.

Any contribution is appreciated. If not, no pressure. Thanks for reading.

Buy me a coffee
SecurityShareFileProgress Software
More fromBleepingComputer
  • Hackers exploit critical auth bypass in Gitea Docker image

    Tech · 2h
  • CISA tells federal agencies to fix actively exploited Langflow IDOR flaw by Friday

    Tech · 2d
  • KDDI breach hits email platform used by five Japanese ISPs

    Tech · 2d
More inTech
  • Netflix, Sony and Paramount in talks to buy Letterboxd

    Tech · 40m
  • China imposes temporary helium export ban

    Tech · 2h
  • Hackers exploit critical auth bypass in Gitea Docker image

    Tech · 2h
SupportThe Work

The Circuitry is reader-supported. If you find the daily brief useful, you can buy me a coffee to keep it going.

Buy a coffee →
SubscribeCircuitry Brief

Daily brief at 7 AM ET. Top tech stories, every morning.

MORE IN TECH

Netflix, Sony and Paramount in talks to buy Letterboxd

Netflix, Sony Pictures, Paramount Skydance, TPG and Alexis Ohanian are in early talks to buy a controlling stake in Letterboxd from its majority owner Tiny. The film social network has grown to more than 30 million members, but a studio takeover would raise fresh concerns about conflicts of interest on a key review platform.

China imposes temporary helium export ban

China enacted a temporary helium export ban on July 10, 2026 to safeguard domestic supplies amid ongoing Middle East supply risks. The step highlights concerns over prolonged global shortages of the irreplaceable gas used in chipmaking and medical imaging.

Hackers exploit critical auth bypass in Gitea Docker image

Attackers are exploiting CVE-2026-20896 in Gitea’s official Docker image to impersonate any user via a single trusted header. The critical flaw affects default configurations of instances up to version 1.26.2, prompting urgent upgrades to 1.26.4 and log reviews.