Fake Purchase Orders, Real Risk: A Scripted Backdoor Lands in Business Inboxes

A procurement-themed lure and a JavaScript payload are being used to probe US enterprises, with the malware described as a backdoor that seeks persistent access.