The campaign started with a trojanized version of unsupported financial software. The compromise of the 3CX communication software made history as the first-ever publicly documented incident of one supply-chain attack leading to another. Two critical infrastructure organizations in the energy sector and two organizations in the financial sector are among the confirmed victims.  A supply-chain attack attempts to evade cybersecurity … More Recovering from a supply-chain attack: What are the lessons to learn from the 3CX hack?