“3CX Phone System has proven that it is enterprise ready by passing this test,” said Nick Galea, 3CX CEO. “The future of the phone system is software-based. IP phone systems will have to be certified ...

A 10-year-old Windows vulnerability is still being exploited in attacks to make it appear that executables are legitimately signed, with the fix from Microsoft still "opt-in" after all these years.

Hackers working on behalf of the North Korean government have pulled off a massive supply chain attack on Windows and macOS users of 3CX, a widely used voice and video calling desktop client, ...

In late March 2023, 3CX disclosed that its desktop applications for both Windows and macOS were compromised with malicious code that gave attackers the ability to download and run code on all machines ...

A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used to target the company’s customers in an ongoing supply chain attack.

All customers that use 3CX’s phone system ‘will and should engage in a new risk assessment of this vendor based on what’s happened,’ Sophos’ Christopher Budd tells CRN. Following the supply chain ...

The attack that injected malicious code into the company's software appears to have been enabled by another compromised application. At the end of March, an international VoIP software company called ...

ESET researchers have discovered a new Lazarus Operation DreamJob campaign targeting Linux users. Operation DreamJob is the name for a series of campaigns where the group uses social engineering ...

The customer support team for 3CX waited six days to address warnings that a recent update for its desktop VoIP client was malicious, and then its only advice was for customers to investigate the ...

Google Cloud’s Mandiant says it has observed what appears to be the first ever instance of a double software supply chain attack, after uncovering evidence that suggests that the widespread 3CX ...