ThreatLabz identified a new attack campaign deploying 'Edgecution,' a malicious Microsoft Edge browser extension used by an initial access broker affiliated with Payouts King ransomware. The malware abuses the Chrome native messaging protocol to bridge a headless browser extension with a Python-based backdoor, enabling arbitrary code execution and filesystem access while evading traditional browser sandboxes.