The attachment was a PDF: purple_team_role_FinSecure_Q4.pdf .

Maya smiled. The wipe command was the last piece they needed—it contained the attacker’s unique digital signature.

“It’s a watering hole,” Maya breathed. “Not a file-based attack. A profile-based trojan. The malware wasn’t in the PDF. The PDF was a beacon activator.”

“And Leo? Next time a recruiter messages you, assume it’s a backdoor. Even if they compliment your BSides talk.”