Dark Reading

3CX Breach Widens as Cyberattackers Drop Second-Stage Backdoor

The threat actor — believed to be the Lazarus Group — that recently compromised 3CX's VoIP desktop application to distribute information-stealing software to the company's customers has also dropped a ...
PC Magazine

3CX Supply Chain Attack Traced to Employee Who Installed Malicious App

Last year, a 3CX employee installed X_Trader on their own personal computer, which paved a way for the hackers to breach 3CX months ago. “Mandiant assesses the threat actor stole the employee's 3CX ...
Bleeping Computer

3CX confirms North Korean hackers behind supply chain attack

VoIP communications company 3CX confirmed today that a North Korean hacking group was behind last month's supply chain attack. "Based on the Mandiant investigation into the 3CX intrusion and supply ...