TechCrunch

There’s a new supply chain attack targeting customers of a phone system with 12 million users

Multiple security firms have sounded the alarm about an active supply chain attack that’s using a trojanized version of 3CX’s widely used voice and video-calling client to target downstream customers.
CRN

Many Customers May Reassess Using 3CX After Supply Chain Breach: Expert

All customers that use 3CX’s phone system ‘will and should engage in a new risk assessment of this vendor based on what’s happened,’ Sophos’ Christopher Budd tells CRN. Following the supply chain ...
Ars Technica

3CX support tells customers to investigate malware warnings themselves

The customer support team for 3CX waited six days to address warnings that a recent update for its desktop VoIP client was malicious, and then its only advice was for customers to investigate the ...