Malicious doc “builders” abandon old exploits wholesale