Avanan's research into hackers using little-used PowerPoint add-on files to wrap and deliver malware was featured in Threatpost. Using a .ppam file, threat actors are successfully wrapping and hiding malicious files that could later be used to take over the victim's computer. As Threatpost writes:

The payload executed a number of functions on the end user’s machine that were not authorized by the user, including installing new programs that create and open new processes, changing file attributes, and dynamically calling imported functions.


Read the rest of the article at Threatpost.