WeLiveSecurity

Linux malware strengthens links between Lazarus and the 3CX supply-chain attack

ESET researchers have discovered a new Lazarus Operation DreamJob campaign targeting Linux users. Operation DreamJob is the name for a series of campaigns where the group uses social engineering ...
Bleeping Computer

3CX warns customers to disable SQL database integrations

Update December 17, 15:30 EST: As shared today by 3CX CEO Nick Galea, the SQL injection flaw was discovered by independent security researcher Theo Stein in the 3CX CRM Integration and is now tracked ...
Dark Reading

3CX Breach Widens as Cyberattackers Drop Second-Stage Backdoor

The threat actor — believed to be the Lazarus Group — that recently compromised 3CX's VoIP desktop application to distribute information-stealing software to the company's customers has also dropped a ...