Security news aggregator

Latest coverage for 3CX

3CX concerns cybersecurity risks in a business communications platform, including supply-chain compromise, malicious updates, and incident response.

5 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

3CX is a software-based private branch exchange (PBX) system that manages business phone calls over internet protocol (VoIP). It handles call routing, voicemail, conferencing, and integrates with other communication tools, often hosted on-premises or in cloud environments. As a core telephony platform, it processes sensitive voice data and user credentials, making it a critical asset in enterprise communications infrastructure.

Security risks with 3CX include exploitation of software vulnerabilities that could allow attackers to intercept calls, access voicemail, or execute unauthorized commands. Weak authentication or exposed management interfaces increase the risk of account compromise or system takeover. Defenders should focus on applying patches promptly, enforcing strong access controls, and isolating the PBX network segment to limit exposure and protect voice traffic confidentiality and integrity.

Volume over time

Weekly headline count for the current query.

Showing 5 most recent headlines Filtered view

Also, Finland sentences CEO of breach company to prison (kind of), and this week's laundry list of critical vulns In Brief We thought it was probably the case when the news came out, but now it's been confirmed: The X_Trader supply chain attack behind the 3CX compromise last month wasn't confined to the telco developer.…

Threat hunters traced it back to malware-laced Trading Technologies' software The supply-chain attack against 3CX last month was caused by an earlier supply-chain compromise of a different software firm — Trading Technologies — according to Mandiant, whose consulting crew was hired by 3CX to help the VoIP biz investigate the intrusion.…