Attackers were found using a Lua-based malware loader posing as a TrueType font tile, with layered obfuscation and fileless ...