3CX is a VoIP vendor that develops and distributes a desktop softphone application, and multiple versions of that app on Windows and Mac have been found to contain malware. It’s pulled off via a ...

in a private cloud or hosted by 3CX. For this early review, Phone System V20 was only available for Debian Linux 12 so we chose to virtualize it on the lab’s Windows Server 2022 Hyper-V system.

[Related: 3CX Supply Chain Attack: Big Questions Remain] Both the Windows and macOS versions of the 3CX app are affected, executives from 3CX acknowledged Thursday. Reports from researchers at ...

A statement by 3CX — that the security issue “appears to be one of the bundled libraries that we compiled into the Windows Electron App via GIT” — does seem to point toward an open-source ...