Dark Reading

3CX Supply Chain Attack Tied to Financial Trading App Breach

Turns out 3CX was not the original target in a recent supply chain compromise affecting customers of the video conferencing software maker: The attack came via a prior supply chain compromise ...
CRN

3CX: We’re Aware Of ‘Complex Supply Chain Attack’

The communications app maker apologized to partners and customers and said that ‘we will do everything in our power to make up for this error.’ Communications app ...
CRN

Hackers May Still Have Access To 3CX Supply Chain: Huntress Researcher

While communications app maker 3CX has acknowledged it is responding to the compromise of its Windows VoIP app, Huntress’ John Hammond said it’s unclear if attackers may still be able to ‘poison ...
Dark Reading

Automatic Updates Deliver Malicious 3CX 'Upgrades' to Enterprises

Security researchers are sounding the alarm on what may well be another major SolarWinds or Kaseya-like supply chain attack, this time involving Windows and Mac versions of a widely used video ...
Ars Technica

Trojanized Windows and Mac apps rain down on 3CX users in massive supply chain attack

Hackers working on behalf of the North Korean government have pulled off a massive supply chain attack on Windows and macOS users of 3CX, a widely used voice and video calling desktop client, ...
TechCrunch

There’s a new supply chain attack targeting customers of a phone system with 12 million users

Multiple security firms have sounded the alarm about an active supply chain attack that’s using a trojanized version of 3CX’s widely used voice and video-calling client to target downstream customers.