3CX DLL-Sideloading attack: What you need to know

False positive c2/generic-a detection

I see this topic comes periodically and, it seems, has never been answered conclusively which, most likely, stems from the fact that threat may be legitimate in some scenarios. But, whenever causes this false positive, Sophos itself may be, sadly, getting itself on a sort of blacklist. Here are 2 screengrabs, I am getting now.