The Russian state-sponsored threat actor known asAPT28has been found leveraging a new code execution method that makes use of mouse movement in decoy Microsoft PowerPoint documents to deploy malware. The technique “is designed to be triggered when the user starts the presentation mode and moves the mouse,” cybersecurity firm Cluster25saidin a technical report. “The code execution runs a