Hackers have compromised the 3CX desktop app, a VoIP and unified communications software, in a supply chain attack by replacing the legitimate installer with a malicious one that includes a backdoor. The supply chain attack affected version 16.0.5.981 of the app. The backdoor can enable attackers to execute arbitrary commands, exfiltrate sensitive data, and download and execute additional payloads.
Read the full article here.
