Mar 29, 2023 · According to alerts from security researchers from Sophos and CrowdStrike, the attackers are targeting both Windows and macOS users of the compromised 3CX softphone app.

Apr 3, 2023 · In late March 2023, 3CX disclosed that its desktop applications for both Windows and macOS were compromised with malicious code that gave attackers the ability to download and run code on all...

Mar 30, 2023 · CISA is aware of open-source reports describing a supply chain attack against 3CX software and their customers. According to the reports, 3CXDesktopApp — a voice and video conferencing app — was trojanized, potentially leading to multi-staged attacks against users employing the vulnerable app.

Apr 20, 2023 · In March 2023, Mandiant Consulting responded to a supply chain compromise that affected 3CX Desktop App software. During this response, Mandiant identified that the initial compromise vector of...

Apr 20, 2023 · The mass compromise of the VoIP firm's customers is the first confirmed incident where one software supply chain attack enabled another, researchers say.

Apr 20, 2023 · Google Cloud’s Mandiant says it has observed what appears to be the first ever instance of a double software supply chain attack, after uncovering evidence that suggests that the widespread...

Mar 30, 2023 · Reports from researchers at numerous security vendors since Wednesday have pointed to an active campaign using a compromised version of the 3CX app to target the company’s customers. Major...

Mar 31, 2023 · Enterprise communications software maker 3CX on Thursday confirmed that multiple versions of its desktop app for Windows and macOS are affected by a supply chain attack. The version numbers include 18.12.407 and 18.12.416 for Windows and 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 for macOS.

Mar 29, 2023 · According to Mandiant’s analysis, 3CX’s macOS build server was compromised with POOLRAT backdoor using Launch Daemons as a persistence mechanism. The source of this compromise is not yet known. Interestingly, Apple’s XProtect contains a signature for POOLRAT that was added as long ago as July 2020 in XProtect version 2124. This appears to ...

Apr 3, 2023 · "On March 29, 3CX received reports from a third party of a malicious actor exploiting a vulnerability in our product. We took immediate steps to investigate the incident, retaining Mandiant, leading global cybersecurity experts," argued the CEO.