Hackers Weaponize Microsoft Visual Studio Add-ins for Office to Push Malware
The technique is an alternative to sneaking into documents VBA macros that fetch malware from an external source.
Since Microsoft announced it would block the execution of VBA and XL4 macros in Office by default, attackers are finding alternatives.