Fake Office Add-in Exploits Vulnerability; Malaysia Refuses Ransomware Payment

A fake add-in for Office has been discovered, exploiting an unspecified vulnerability to distribute malware. This fake add-in masquerades as a legitimate tool, deceiving users into installing it. Additionally, a kernel rootkit written in Rust has been identified, capable of running in privileged mode and evading detection by security software. Meanwhile, Malaysia has refused to pay a ransom after a ransomware attack, opting to restore its systems from backups. This decision helped minimize the financial and operational impacts of the attack.