3CX supply-chain attack (DPRK)
North Korea-linked actors trojanized the 3CXDesktopApp softphone client, distributing the SmoothOperator malware through a legitimately-signed update to a customer base of over 600,000 organizations — the first documented cascading software supply-chain compromise, itself enabled by a prior breach of trading software X_TRADER.
- Victim
- 3CX (3CXDesktopApp customers)