Enterprise phone provider 3CX has confirmed that North Korea–backed hackers were behind last month’s supply chain attack that appeared to target cryptocurrency companies.. 3CX, which provides ...

The customer support team for 3CX waited six days to address warnings that a recent update for its desktop VoIP client was malicious, and then its only advice was for customers to investigate the ...

3CX reports on its website that it has more than 600,000 customers, with sales exclusively through its network of 25,000 partners. Major customers listed by 3CX include American Express, McDonald ...

17 thoughts on “ 3CX Breach Was a Double Supply Chain Compromise ” G.Scott H. April 20, 2023 I cannot speak for all Linux distributions, but on Slackware the techniques described would not ...

The 3CX supply chain attack was not caught as quickly as it could’ve been because of “alert fatigue” and the way that the vendor and users responded to alerts from security tools.

In the case of 3CX, both Windows and macOS second-stage malware versions exist. This article demonstrates the existence of a Linux backdoor that probably corresponds to the SIMPLESEA macOS malware ...

Google Cloud’s Mandiant says it has observed what appears to be the first ever instance of a double software supply chain attack, after uncovering evidence that suggests that the widespread 3CX ...

VoIP communications company 3CX confirmed today that a North Korean hacking group was behind last month's supply chain attack. "Based on the Mandiant investigation into the 3CX intrusion and ...

In a statement issued on Thursday 30 March, 3CX chief information security officer Pierre Jourdan confirmed that update 7, version numbers 18.12.407 and 18.12.416 of its Electron Windows App ...

For instance, while 3CX's more than 600,000 customers is double the number of SolarWinds customers at the time of the supply chain breach of that company, the 3CX attack was caught much faster.