New XWorm RAT Phishing Campaign Exploits CVE-2018-0802 in Excel Attachments

A fresh phishing wave delivers XWorm RAT via business-themed emails with malicious Excel add-ins. Attackers exploit CVE-2018-0802 in Microsoft Equation Editor for initial code execution. This grants full remote control over Windows systems. XWorm first appeared in 2022. Threat actors sell it on Telegram markets. The new variant uses fileless techniques to dodge antivirus scans. […] The post New XWorm RAT Phishing Campaign Exploits CVE-2018-0802 in Excel Attachments appeared first on VPN Central.