PC Magazine

Uninstall Now: Hackers Hijack 3CX Desktop App to Deliver Malware

In response, 3CX CEO Nick Galea is urging users to uninstall the affected software, which includes versions 18.12.407 and 18.12.416 of the Windows app. The company is working on an update to fully ...
Dark Reading

3CX Supply Chain Attack Tied to Financial Trading App Breach

Turns out 3CX was not the original target in a recent supply chain compromise affecting customers of the video conferencing software maker: The attack came via a prior supply chain compromise ...
CRN

3CX: We’re Aware Of ‘Complex Supply Chain Attack’

The communications app maker apologized to partners and customers and said that ‘we will do everything in our power to make up for this error.’ Communications app ...
CRN

Hackers May Still Have Access To 3CX Supply Chain: Huntress Researcher

While communications app maker 3CX has acknowledged it is responding to the compromise of its Windows VoIP app, Huntress’ John Hammond said it’s unclear if attackers may still be able to ‘poison ...
Dark Reading

Automatic Updates Deliver Malicious 3CX 'Upgrades' to Enterprises

Security researchers are sounding the alarm on what may well be another major SolarWinds or Kaseya-like supply chain attack, this time involving Windows and Mac versions of a widely used video ...
Ars Technica

3CX knew its app was flagged as malicious, but took no action for 7 days

There is so much wrong here. 3CX should not have blown this off as it got bigger, they should have looked into it. People using SentinelOne should have contacted them to find out what was going on.
Ars Technica

Trojanized Windows and Mac apps rain down on 3CX users in massive supply chain attack

Hackers working on behalf of the North Korean government have pulled off a massive supply chain attack on Windows and macOS users of 3CX, a widely used voice and video calling desktop client, ...