Ars Technica

Trojanized Windows and Mac apps rain down on 3CX users in massive supply chain attack

Hackers working on behalf of the North Korean government have pulled off a massive supply chain attack on Windows and macOS users of 3CX, a widely used voice and video calling desktop client, ...
CRN

3CX: We’re Aware Of ‘Complex Supply Chain Attack’

The communications app maker apologized to partners and customers and said that ‘we will do everything in our power to make up for this error.’ Communications app ...
CSOonline

3CX DesktopApp compromised by supply chain attack

3CX will be releasing an update for the DesktopApp in the next few hours; meanwhile, users are urged to use the PWA Client instead. 3CX is working on a software update for its 3CX DesktopApp, after ...
PC Magazine

Uninstall Now: Hackers Hijack 3CX Desktop App to Deliver Malware

In response, 3CX CEO Nick Galea is urging users to uninstall the affected software, which includes versions 18.12.407 and 18.12.416 of the Windows app. The company is working on an update to fully ...
Dark Reading

Automatic Updates Deliver Malicious 3CX 'Upgrades' to Enterprises

Security researchers are sounding the alarm on what may well be another major SolarWinds or Kaseya-like supply chain attack, this time involving Windows and Mac versions of a widely used video ...
CRN

Many Customers May Reassess Using 3CX After Supply Chain Breach: Expert

All customers that use 3CX’s phone system ‘will and should engage in a new risk assessment of this vendor based on what’s happened,’ Sophos’ Christopher Budd tells CRN. Following the supply chain ...
Computer Weekly

3CX incident may be world’s first double supply chain attack

Google Cloud’s Mandiant says it has observed what appears to be the first ever instance of a double software supply chain attack, after uncovering evidence that suggests that the widespread 3CX ...