Attackers Exploit 6-Year-Old Microsoft Office Bug to Spread Spyware
Malicious attachments that exploit an RCE flaw from 2017 are propagating Agent Tesla via socially engineered emails and an evasive infection method.
https://www.darkreading.com/cloud-security/attackers-exploit-microsoft-office-bug-spyware