Threat actors are exploiting a new attack technique, GrimResource, using specially crafted Microsoft Management Console (MMC) files to achieve full code execution and evade security defenses. This method leverages a vulnerability in the MMC library and can bypass security measures like disabled Office macros. The technique uses a cross-site scripting (XSS) flaw in the apds.dll library to execute JavaScript code, facilitating malware delivery and system takeover.