3CX, provider of software-based phone and video systems, has announced that a vulnerability in their software has been exploited by a malicious actor.
Their recommendations include uninstalling the Electron desktop application and switching to using the PWA Web Client app. However, before you do that, please see their incident update page at https://www.3cx.com/blog/news/security-incident-updates/ and the associated NCSC advisory at https://www.ncsc.gov.uk/news/3cx-desktopapp-security-issue