The cybersecurity industry has scrambled in recent weeks to understand the origins and fallout of the breach of 3CX, a VoIP provider whose software was corrupted by North Korea–linked hackers in a ...

AI-driven supply chain attacks surged 156% as breaches grew harder to detect and regulators imposed massive fines.

The widely felt supply chain compromise of VoIP vendor 3CX was not caught as quickly as it might have been, as both the vendor and users initially assumed the alerts were false positives, according to ...

The supply chain compromise of a widely used VoIP phone system vendor, 3CX, has led to attacks against numerous customers and prompted comparisons to some of the largest breaches in recent memory — ...

The incident responders investigating how hackers carried out a complex supply-chain attack targeting enterprise phone provider 3CX say the company was compromised by another supply chain attack. 3CX, ...

Software supply-chain attacks, in which hackers corrupt widely used applications to push their own code to thousands or even millions of machines, have become a scourge, both insidious and potentially ...

In late March 2023, 3CX disclosed that its desktop applications for both Windows and macOS were compromised with malicious code that gave attackers the ability to download and run code on all machines ...

A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used to target the company’s customers in an ongoing supply chain attack.

The customer support team for 3CX waited six days to address warnings that a recent update for its desktop VoIP client was malicious, and then its only advice was for customers to investigate the ...

Update December 17, 15:30 EST: As shared today by 3CX CEO Nick Galea, the SQL injection flaw was discovered by independent security researcher Theo Stein in the 3CX CRM Integration and is now tracked ...