Bleeping Computer

10-year-old Windows bug with 'opt-in' fix exploited in 3CX attack

A 10-year-old Windows vulnerability is still being exploited in attacks to make it appear that executables are legitimately signed, with the fix from Microsoft still "opt-in" after all these years.
Ars Technica

3CX support tells customers to investigate malware warnings themselves

The customer support team for 3CX waited six days to address warnings that a recent update for its desktop VoIP client was malicious, and then its only advice was for customers to investigate the ...