Mandiant says the North Korea-linked hack of VoIP company 3CX's customers is the first confirmed incident of one software-supply-chain attack enabling another (Andy Greenberg/Wired)

Andy Greenberg / Wired:

Mandiant says the North Korea-linked hack of VoIP firm 3CX’s prospects is the primary confirmed incident of 1 software-supply-chain assault enabling one other  —  The mass compromise of the VoIP agency’s prospects is the primary confirmed incident the place one software program provide chain assault enabled one other, researchers say.