Bleeping Computer

Fake Microsoft Office add-in tools push malware via SourceForge

Threat actors are abusing SourceForge to distribute fake Microsoft add-ins that install malware on victims' computers to both mine and steal cryptocurrency. SourceForge.net is a legitimate software ...
Infosecurity-magazine.com

Microsoft to Block Excel XLL Add-Ins to Stop Malware Delivery

Microsoft has announced plans for its 365 customers to automatically block all XLL add-in files downloaded from the internet to prevent phishing attacks relying on these types of lures. Writing on its ...
Hosted on MSN

Hackers hide crypto address-swapping malware in Microsoft Office add-in bundles

Malicious actors are attempting to steal crypto with malware embedded in fake Microsoft Office extensions uploaded to the software hosting site SourceForge, according to cybersecurity firm Kaspersky.
Bleeping Computer

Hackers weaponize Microsoft Visual Studio add-ins to push malware

Security researchers warn that hackers may start using Microsoft Visual Studio Tools for Office (VSTO) more often as method to achieve persistence and execute code on a target machine via malicious ...
Benzinga.com

Kaspersky Flags Crypto-Stealing Malware Hidden in Fake Microsoft Office Add-Ins

Cybersecurity firm Kaspersky has flagged a new sophisticated malware that steals crypto using fake Microsoft Office add-ins. These legit-looking extensions are uploaded to SourceForge, a website ...