Security Advisory — July 10, 2026
Quick summary: Progress Software is telling every customer running a ShareFile Storage Zone Controller to power down the server immediately. The company says it has identified a credible external security threat against the product and is taking systems offline as a precaution while it investigates. If your organization runs one of these controllers, treat this as urgent.
Progress Software has emailed customers who run ShareFile Storage Zone Controllers, instructing them to shut down the underlying Windows servers right away. The company has confirmed it is responding to what it describes as a credible external security threat targeting the product.
Two things are happening at once. First, Progress has already disabled cloud-side access for every account tied to a Storage Zone Controller. Second — and this is the part that requires action on your end — Progress is separately asking customers to manually power down the physical or virtual server hosting the controller software itself. Disabling cloud access alone is apparently not considered sufficient protection.
Progress says that, as of now, it has no evidence of unauthorized access to any customer accounts or data. The company frames the shutdown as a precautionary step taken while its internal team and outside security experts investigate, and has indicated further updates should follow within roughly a day.
This advisory is specific to organizations running a Storage Zone Controller — the self-managed component that lets a company keep files on its own storage while still using ShareFile's cloud platform for authentication, sharing, and collaboration. If your organization only uses ShareFile as a standard cloud-hosted service, with no on-premises controller, this incident does not apply to you.
By design, Storage Zone Controllers typically sit at the edge of a network and are reachable from the public internet, so files can move between the cloud platform and an organization's own storage. That same design is what makes the controller a meaningful target. When researchers examined this exposure earlier in 2026, they estimated tens of thousands of these controllers were reachable from the internet at that time.
As of this writing, Progress has not disclosed the technical nature of the threat, who may be behind it, or whether any individual customer's controller has actually been breached.
It's worth reading between the lines a little. When a vendor already has a fix ready, the usual guidance is simply "apply the patch." Ordering a full, manual shutdown instead suggests Progress doesn't have one yet — consistent with a newly discovered issue the company is racing to close, though it would also fit a threat a patch alone couldn't solve, such as stolen credentials.
Storage Zone Controllers — and Progress more broadly — have a track record worth knowing about:
None of this confirms today's threat is connected to anything above. But it's part of why security teams are taking this warning seriously even before technical details emerge.
Figuring out whether an internet-facing system has actually been compromised — quickly, under pressure, and without destroying evidence in the process — is exactly what an incident response team is for. If your organization runs a ShareFile Storage Zone Controller and you'd like a second set of expert eyes on your environment, or you suspect something may already be wrong, SecureCyber's SOC is available now.
Call the SecureCyber SOC: 937-388-4405
This advisory reflects Progress's communications to customers and public reporting on this incident as of July 10, 2026. Details are still developing — confirm the latest guidance directly with Progress before making decisions about your environment.
Sources:
https://thehackernews.com/2026/07/urgent-progress-tells-sharefile.html
Viewed Jul 10 2026 17:05PM EDT
https://www.bleepingcomputer.com/news/security/progress-urges-sharefile-customers-to-shut-down-servers-over-credible-threat/
Viewed Jul 10 2025 17:05PM EDT
https://status.sharefile.com/incidents/c59n5343lbkq
Viewed Jul 10 2025 17:05PM EDT