ISC StormCast for Monday, May 8th, 2023

Quickly Finding Encoded Payloads in Office Documents
https://isc.sans.edu/forums/diary/Quickly+Finding+Encoded+Payloads+in+Office+Documents/29818/
Exploratory Data Analysis with CISSM Cyber Attacks Database Part 1
https://isc.sans.edu/forums/diary/Exploratory+Data+Analysis+with+CISSM+Cyber+Attacks+Database+Part+1/29816/
Guildma is now Abusing Colorcpl.exe LOLBIN
https://isc.sans.edu/forums/diary/Guildma+is+now+abusing+colorcplexe+LOLBIN/29814/
Leaked MSI Keys
https://github.com/binarly-io/SupplyChainAttacks/blob/main/MSI/ImpactedDevices.md
https://twitter.com/matrosov/status/1654560343295934464
PHP Packages Compromised
https://blog.packagist.com/packagist-org-maintainer-account-takeover/