TechCrunch

There’s a new supply chain attack targeting customers of a phone system with 12 million users

Multiple security firms have sounded the alarm about an active supply chain attack that’s using a trojanized version of 3CX’s widely used voice and video-calling client to target downstream customers.
CRN

Many Customers May Reassess Using 3CX After Supply Chain Breach: Expert

All customers that use 3CX’s phone system ‘will and should engage in a new risk assessment of this vendor based on what’s happened,’ Sophos’ Christopher Budd tells CRN. Following the supply chain ...
TechCrunch

3CX’s supply chain attack was caused by… another supply chain attack

The incident responders investigating how hackers carried out a complex supply-chain attack targeting enterprise phone provider 3CX say the company was compromised by another supply chain attack. 3CX, ...
CRN

‘First’ Cyberattack Of Its Kind: 3CX Compromise Blamed On Earlier Supply Chain Breach

‘This is the first time Mandiant has seen a software supply chain attack lead to another software supply chain attack,’ the firm said in a post Thursday. Prominent cyberattack investigator Mandiant ...
Bleeping Computer

3CX confirms North Korean hackers behind supply chain attack

VoIP communications company 3CX confirmed today that a North Korean hacking group was behind last month's supply chain attack. "Based on the Mandiant investigation into the 3CX intrusion and supply ...