A third-party vendor of 3CX left an open server and exposed sensitive data. Attackers could use the exposed call metadata, license keys, and database connection strings to spy on 3CX clients or launch more sophisticated attacks.
Source: cyware.com