PC Magazine

3CX Supply Chain Attack Traced to Employee Who Installed Malicious App

The supply chain attack on the 3CX voice-calling app has been traced back to a company employee installing a legitimate, but malware -laden program, onto their personal computer. The findings come ...
Ars Technica

Trojanized Windows and Mac apps rain down on 3CX users in massive supply chain attack

Hackers working on behalf of the North Korean government have pulled off a massive supply chain attack on Windows and macOS users of 3CX, a widely used voice and video calling desktop client, ...
CSOonline

3CX DesktopApp compromised by supply chain attack

3CX will be releasing an update for the DesktopApp in the next few hours; meanwhile, users are urged to use the PWA Client instead. 3CX is working on a software update for its 3CX DesktopApp, after ...
Infosecurity-magazine.com

Two Connected Software Supply Chain Attacks Lead to 3CX Compromise

The 3CX Desktop App software has been reportedly compromised via a prior software supply chain breach, with a North Korean actor suspected to be responsible. According to security researchers at ...
Dark Reading

Automatic Updates Deliver Malicious 3CX 'Upgrades' to Enterprises

Security researchers are sounding the alarm on what may well be another major SolarWinds or Kaseya-like supply chain attack, this time involving Windows and Mac versions of a widely used video ...
CRN

3CX: We’re Aware Of ‘Complex Supply Chain Attack’

The communications app maker apologized to partners and customers and said that ‘we will do everything in our power to make up for this error.’ Communications app ...
CSOonline

UK NCSC advises all businesses to address 3CX DesktopApp security issue

3CX has advised customers running affected versions to uninstall the software and use the browser-based web app until a new version is available. The UK’s National Cyber Security Centre (NCSC) has ...