Krebs on Security

3CX Breach Was a Double Supply Chain Compromise

In late March 2023, 3CX disclosed that its desktop applications for both Windows and macOS were compromised with malicious code that gave attackers the ability to download and run code on all machines ...
Bleeping Computer

3CX warns customers to disable SQL database integrations

Update December 17, 15:30 EST: As shared today by 3CX CEO Nick Galea, the SQL injection flaw was discovered by independent security researcher Theo Stein in the 3CX CRM Integration and is now tracked ...