“Researchers from security firm Morphisec now report that they’ve seen CVE-2018-4878 being exploited in a massive malspam campaign that distributes shortened URLs pointing to malicious Word documents,” researcher said in the blog.

Read more on SC Media here.