Securonix says PureLogs infection starts with a fake PDF JavaScript file and uses PowerShell, fileless .NET loading, and LOLBins.
Fortinet says the Ousaban trojan uses geofenced phishing PDFs and steganography to steal banking credentials from users in Spain and Portugal.
Fortinet says the May 2026 Ousaban campaign uses PDF lures, geofencing, and steganography to target Windows banking users.
Google Chrome has continued to add to its PDF functionality since the feature debuted in 2010, creating an ecosystem that ...