Tag
3cx
Safeguard articles tagged "3cx" — guides, analysis, and best practices for software supply chain and application security.
4 articles
Threat Research
Lessons from the 3CX Attack: The First Supply Chain Attack Caused by Another
3CX shipped a trojanized version of its own softphone through official updates in 2023 — because an employee installed compromised trading software. Here is the cascade, and its lessons.
Jul 5, 20266 min read
Incident Analysis
3CX Desktop App: Anatomy of a Cascading Breach
How a Trading Technologies installer from 2022 poisoned the 3CX build pipeline in 2023, producing the first publicly confirmed cascading supply chain attack.
Apr 5, 20235 min read
DevSecOps
3CX Attack Lessons: What Every Software Vendor Must Do Differently
The 3CX supply chain attack exposed critical gaps in how software vendors protect their build pipelines. Here are the concrete lessons.
Apr 2, 20237 min read
Supply Chain Attacks
3CX Supply Chain Attack: A Deep Dive into the North Korean Compromise
The 3CX supply chain attack was a multi-stage operation linked to North Korea's Lazarus Group. Here's the full technical breakdown.
Mar 29, 20236 min read