Malicious hackers are abusing Microsoft Publisher files to try to infect businesses with a backdoor and steal their corporate data. Spam emails purporting to originate from employees who work at small- to mid-size companies in China, the United Kingdom, and elsewhere. The malware downloads a self-extracting cabinet file containing an AutoIt script, tool to run the script and an AES-256 encrypted file. After attackers have decrypted the file, its game over. They have full backdoor access to the infected machine, which means they can log keystrokes, steal login credentials, and make off with sensitive business data.”]
Source: https://grahamcluley.com/backdoor-microsoft-publisher/