all InfoSec news
The rise of malware in the software supply chain – and what to do about it
Malware Analysis, News and Indicators - Latest topics malware.news
The fast-evolving story of the compromise of voice over IP (VoIP) provider 3CX has refocused attention on the threat posed by software supply chain compromises. 3CX’s desktop client were tampered with by state-sponsored hackers. The company’s Windows and macOS build environments were compromised, and a backdoor added to the desktop client’s code. The update was then signed and pushed to customers.
That — and more recent revelations that 3CX itself was compromised by a signed, but compromised application made by …
3cx application attention backdoor build client code compromise compromised customers desktop environments fast hackers macos malware s code software software supply chain sponsored state story supply supply chain technologies the company threat trading trading technologies update voice voip windows