She ran a memory dump. The laptop’s RAM contained a tiny, nameless process – a binary that had arrived via a phishing PDF three days ago, undetected until now. The PDF was an invoice. Derek, sleep-deprived with a newborn, had clicked it at 2 AM.

The alert blinked on Kaspersky’s central console: – source: workstation 14-B, time: 03:14 AM.

Maya, the night shift SOC analyst, frowned. A UDP port scan from a marketing laptop at three in the morning was either a misconfigured backup script or something far worse. She pulled up the logs.

He never even knew his machine had been whispering to the void. But the void had almost whispered back.

Maya killed the laptop’s network port. Then she called Derek. “Congratulations on the baby. Now, about your computer…”