The Russian state-sponsored threat actor known as APT28 has been found leveraging a new code execution method that makes use of mouse movement in decoy Microsoft PowerPoint documents to deploy malware.
The technique « is designed to be triggered when the user starts the presentation mode and moves the mouse, » cybersecurity firm Cluster25 said in a technical report. « The code execution runs a

The Russian state-sponsored threat actor known as APT28 has been found leveraging a new code execution method that makes use of mouse movement in decoy Microsoft PowerPoint documents to deploy malware.
The technique « is designed to be triggered when the user starts the presentation mode and moves the mouse, » cybersecurity firm Cluster25 said in a technical report. « The code execution runs a