all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Red flags flew over software supply chain-compromised 3CX update

Add to bookmarks
March 30, 2023, 8:41 p.m. | karlo.zanki@reversinglabs.com (Karlo Zanki)

ReversingLabs Blog blog.reversinglabs.com




ReversingLabs is analyzing a supply chain compromise of the firm 3CX Ltd., a maker of enterprise voice over IP (VOIP) solutions. Beginning on March 22nd, 2023, compromised versions of the 3CXDesktopApp, a desktop client version of the company’s VoIP software, were found to contain malicious code. 

3cx 3cxdesktopapp client code compromise compromised desktop enterprise malicious march reversinglabs software software supply chain software supply chain security solutions supply supply chain supply chain compromise the company threat research update version voice voip

Visit resource

More from blog.reversinglabs.com / ReversingLabs Blog

CycloneDX upgraded for the evolving software supply chain security era 1 day, 12 hours ago | blog.reversinglabs.com
ai development appsec & supply chain security bill bills +25
Where GenAI intersects with threat modeling: 3 key benefits for AppSec 2 days, 14 hours ago | blog.reversinglabs.com
application application security appsec appsec & supply chain security +18
OWASP's LLM AI Security & Governance Checklist: 13 action items for your team 3 days, 14 hours ago | blog.reversinglabs.com
action ai security appsec & supply chain security artificial +15
XZ Trojan highlights software supply chain risk posed by 'sock puppets' 1 week, 1 day ago | blog.reversinglabs.com
appsec & supply chain security attacks compression compromise +28
The state of secrets security: 7 steps to better managing risk 1 week, 2 days ago | blog.reversinglabs.com
appsec & supply chain security complexity development epidemic +16
When GenAI and low-code collide: What could go wrong for AppSec? 1 week, 3 days ago | blog.reversinglabs.com
application application security appsec appsec & supply chain security +22
Malicious helpers: VS Code Extensions observed stealing sensitive information 2 weeks, 2 days ago | blog.reversinglabs.com
administrators attacks code daily +20
SBOMs are now essential: Make them actionable to better manage risk 2 weeks, 3 days ago | blog.reversinglabs.com
actionable appsec & supply chain security attack attacks +15
A software supply chain meltdown: What we know about the XZ Trojan 2 weeks, 4 days ago | blog.reversinglabs.com
alarms appsec & supply chain security attack backdoor +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Intermediate Security Engineer, (Incident Response, Trust & Safety)

@ GitLab | Remote, US
View on infosec-jobs.com

Journeyman Cybersecurity Triage Analyst

@ Peraton | Linthicum, MD, United States
View on infosec-jobs.com

Project Manager II - Compliance

@ Critical Path Institute | Tucson, AZ, USA
View on infosec-jobs.com

Junior System Engineer (m/w/d) Cyber Security 1

@ Deutsche Telekom | Leipzig, Deutschland
View on infosec-jobs.com
View more jobs