3CX DesktopApp compromised by supply chain attack

3CX is working on a software update for its 3CX DesktopApp, after multiple security researchers alerted the company of an active supply chain attack in it. The update will be released in the next few hours; meanwhile the company urges customers to use its PWA (progressive web application) client instead. 

“As many of you have noticed the 3CX DesktopApp has a malware in it. It affects the Windows Electron client for customers running update 7,” Nick Galea, CEO at 3CX said in a security alert on Thursday. As an immediate response, the company advised users to uninstall and reinstall the app. 

To read this article in full, please click here