The incident responders investigating how hackers carried out a complex supply-chain attack targeting enterprise phone provider 3CX say the company was compromised by another supply chain attack ...

The customer support team for 3CX waited six days to address warnings that a recent update for its desktop VoIP client was malicious, and then its only advice was for customers to investigate the ...

17 thoughts on “ 3CX Breach Was a Double Supply Chain Compromise ” G.Scott H. April 20, 2023 I cannot speak for all Linux distributions, but on Slackware the techniques described would not ...

VoIP communications company 3CX warned customers today to disable SQL database integrations due to potential risks associated with what it describes as a potential vulnerability.

The 3CX supply chain attack was not caught as quickly as it could’ve been because of “alert fatigue” and the way that the vendor and users responded to alerts from security tools.

In the case of 3CX, both Windows and macOS second-stage malware versions exist. This article demonstrates the existence of a Linux backdoor that probably corresponds to the SIMPLESEA macOS malware ...

The compromise of the 3CX communication software made history as the first-ever publicly documented incident of one supply-chain attack leading to another. Data from ESET telemetry suggest that ...

Suspected North Korean hackers infiltrated a software firm that claims hundreds of thousands of customers around the world in a cyberattack that shows Pyongyang’s advanced hacking capabilities ...

Multiple security firms have sounded the alarm about an active supply chain attack that’s using a trojanized version of 3CX’s widely used voice and video-calling client to target downstream ...