A new email attack scenario nicknamed ROPEMAKER allows a threat actor to change the content of emails received by targets via remote CSS files. […]

from https://www.bleepingcomputer.com/news/security/ropemaker-lets-attackers-change-your-emails-after-delivery/