XLLing in Excel – threat actors using malicious add-ins
Cisco Talos highlights a new vector for malicious code to Microsoft Excel—malicious add-ins, specifically XLL files. Although XLL files were supported since early Excel versions of Excel, malicious actors started using them relatively recently.