Researchers from Mandiant investigating the recently disclosed 3CX supply chain attack say that attack was made possible by an earlier attack against a different supply chain. The earlier attack targeted Trading Technologies’ X-TRADER installer, adding a backdoor. In their blog, Mandiant writes, ”The identified software supply chain compromise is the first we are aware of which has led to a cascading software supply chain compromise.” More information here https://www.mandiant.com/resources/blog/3cx-software-supply-chain-compromise