The Warranty Form With a Windows Executable Hidden Inside a GIF
ID: c082b09c-717e-5f32-a519-9c00df6fe6b8
STIX ID: report--c082b09c-717e-5f32-a519-9c00df6fe6b8
Feed Name: IRONSCALES
**Steganographic Malware Delivered via Legitimate Supplier Email:** A legitimate-looking email from a UK food quality vendor (sleafordqf.com, DMARC p=reject) contained clean PDF and DOCX attachments and branding images. One GIF image (image189059.gif, 141,951 bytes) had a Windows PE header embedded at byte ~80761, hiding an executable payload that static, format-aware scanners missed. The finding led to quarantine by Themis. The incident demonstrates a stealthy supply-chain-like delivery using steganography and spearphishing attachments (MITRE T1027.003, T1566.001, T1204.002).
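A format-independent check for the condition described above, as an added example that is not part of the original report and is not how Themis works: it reports any offset inside a GIF where an `MZ` DOS header points, through its `e_lfanew` field, at a `PE\0\0` signature. The function names, the `e_lfanew` sanity bounds and the sample bytes are assumptions constructed for illustration.

```python
import struct

GIF_MAGICS = (b"GIF87a", b"GIF89a")


def find_embedded_pe(data: bytes) -> list:
    """Return offsets of each 'MZ' whose e_lfanew field points at a PE signature."""
    hits = []
    pos = data.find(b"MZ")
    while pos != -1:
        if pos + 0x40 <= len(data):  # the 64-byte DOS header must fit in the file
            # e_lfanew: little-endian uint32 at offset 0x3C of the DOS header
            (e_lfanew,) = struct.unpack_from("<I", data, pos + 0x3C)
            pe = pos + e_lfanew
            # Bounds are an assumed sanity limit so that stray "MZ" bytes in
            # compressed image data are not reported as executables.
            if 0x40 <= e_lfanew <= 0x1000 and data[pe:pe + 4] == b"PE\0\0":
                hits.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return hits


def gif_carries_pe(data: bytes) -> bool:
    """True when the file starts as a GIF and also contains a PE header."""
    return data[:6] in GIF_MAGICS and bool(find_embedded_pe(data))


def constructed_sample() -> bytes:
    """Constructed test input: GIF header, a decoy 'MZ', then a minimal PE stub."""
    gif = b"GIF89a" + struct.pack("<HHBBB", 1, 1, 0, 0, 0) + b"\x00" * 100
    decoy = b"MZ" + b"\x00" * 50           # "MZ" bytes with no PE signature behind them
    dos = bytearray(0x80)                  # DOS header plus stub area
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x80)  # e_lfanew -> PE signature at +0x80
    return gif + decoy + bytes(dos) + b"PE\0\0" + b"\x00" * 20


if __name__ == "__main__":
    sample = constructed_sample()
    print("PE header offsets:", find_embedded_pe(sample))
    print("GIF carries PE:", gif_carries_pe(sample))
```

Validating the `MZ` to `PE` link rather than matching `MZ` alone is what keeps the false-positive rate workable on compressed image data.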
