Portable Document Spear
The user clicks what appears to be a legitimate button or link. This action redirects them to a credential-harvesting site, a malware download page, or a site that prompts them to install remote access tools (RATs).
The payload can be any combination of data, scripts, or even nested files. For security, payloads should be encrypted with a key that is only released when conditions are satisfied. Use AES-256-GCM for encryption.
Modern Portable Document Spear attacks increasingly distribute their malicious components across multiple vectors. The email contains no malice. The PDF contains scripts but no payload. The payload is fetched from cloud hosting or legitimate platforms. Each component viewed in isolation appears benign; the malicious chain only materializes when all pieces combine. This modular approach defeats defenses that analyze components in isolation.
The democratization of PDF weaponization has dramatically lowered the barrier to entry for cybercriminals. Tools like , discovered on cybercrime forums in late 2025, allow attackers to transform legitimate PDF documents into weaponized attack vectors with minimal technical expertise. These builder-style toolkits import real PDF files and augment them with malicious overlays, embedded JavaScript, blurred content, and customizable payload URLs.
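A defender-side static triage for the two passages above (a PDF that carries scripts and a payload URL but no payload, and builder kits that add embedded JavaScript), written as an added example and not taken from the original page or any tool it mentions. It inflates Flate streams, normalizes `#xx`-escaped names, and flags a script combined with an auto-run action or outbound link; the function names, sample bytes and host name are constructed assumptions.

```python
import re
import zlib

ACTIVE = ("JS", "JavaScript", "OpenAction", "AA", "Launch", "URI", "EmbeddedFile")
STREAM_RE = re.compile(rb"stream\r?\n(.*?)endstream", re.S)
NAME_RE = re.compile(rb"/([^\x00\s/<>\[\](){}%]+)")
URI_RE = re.compile(rb"/URI\s*\((.*?)\)", re.S)

def _inflate(m):
    # Replace each stream with its Flate-decoded body so hidden objects are scanned.
    try:
        return b"\n" + zlib.decompressobj().decompress(m.group(1)) + b"\n"
    except zlib.error:
        return b"\n"  # other filter or encrypted: not inspectable here

def _plain_name(m):
    # The PDF spec lets names carry #xx hex escapes (/J#61vaScript); undo them.
    return b"/" + re.sub(rb"#([0-9A-Fa-f]{2})",
                         lambda h: bytes([int(h.group(1), 16)]), m.group(1))

def triage(pdf: bytes) -> dict:
    data = NAME_RE.sub(_plain_name, STREAM_RE.sub(_inflate, pdf))
    counts = {n: 0 for n in ACTIVE}
    for m in NAME_RE.finditer(data):
        name = m.group(1).decode("latin-1")
        if name in counts:
            counts[name] += 1
    uris = [u.decode("latin-1") for u in URI_RE.findall(data)]
    scripted = counts["JS"] + counts["JavaScript"] > 0
    auto_run = counts["OpenAction"] + counts["AA"] > 0
    # Script plus an auto-trigger or an outbound URL: hold for review even
    # though the file itself carries no payload.
    return {"counts": counts, "uris": uris,
            "review": scripted and (auto_run or bool(uris))}

# Constructed sample (object fragments, not a real document): a compressed
# action object, an escaped script name, and a link to a placeholder host.
_hidden = zlib.compress(b"3 0 obj << /S /J#61vaScript /JS (this.pageNum = 0;) >> endobj")
SAMPLE = (b"%PDF-1.7\n1 0 obj << /Type /Catalog /OpenAction 3 0 R >> endobj\n"
          b"2 0 obj << /Filter /FlateDecode >>\nstream\n" + _hidden +
          b"\nendstream endobj\n4 0 obj << /Subtype /Link /A << /S /URI "
          b"/URI (https://files.example.invalid/view) >> >> endobj\n")
BENIGN = b"%PDF-1.7\n1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n"

if __name__ == "__main__":
    print(triage(SAMPLE))
    print(triage(BENIGN))
```

Streams using other filters or document encryption are skipped rather than decoded, so a clean result here only means nothing was found in the inspectable parts of the file.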