SiliconANGLE

Hackers infect popular 3CX communications application with malware

Hackers have compromised 3CX, a popular videoconferencing and business phone management application used by more than 600,000 companies. Multiple cybersecurity providers, including CrowdStrike ...
Wired

The Huge 3CX Breach Was Actually 2 Linked Supply Chain Attacks

The cybersecurity industry has scrambled in recent weeks to understand the origins and fallout of the breach of 3CX, a VoIP provider whose software was corrupted by North Korea–linked hackers in a ...
CSOonline

Hackers behind 3CX breach also breached US critical infrastructure

The hacking group responsible for the supply-chain attack targeting VoIP company 3CX also breached two critical infrastructure organizations in the energy sector and two financial trading ...
Bleeping Computer

Hackers compromise 3CX desktop app in a supply chain attack

A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used to target the company’s customers in an ongoing supply chain attack.
WeLiveSecurity

Linux malware strengthens links between Lazarus and the 3CX supply-chain attack

ESET researchers have discovered a new Lazarus Operation DreamJob campaign targeting Linux users. Operation DreamJob is the name for a series of campaigns where the group uses social engineering ...
Dark Reading

3CX Breach Widens as Cyberattackers Drop Second-Stage Backdoor

The threat actor — believed to be the Lazarus Group — that recently compromised 3CX's VoIP desktop application to distribute information-stealing software to the company's customers has also dropped a ...
CSOonline

3CX hack highlights risk of cascading software supply-chain compromises

The attack that injected malicious code into the company's software appears to have been enabled by another compromised application. At the end of March, an international VoIP software company called ...