Cybercriminals have started a campaign of redirecting links placed on gaming sites and social media—and as sponsored ads—that lead to fake websites posing as Booking.com.
According to Malwarebytes research, 40% of people book travel through a general online search, creating a lot of opportunities for scammers. The first signs of the campaign showed up mid-May and the final redirect destination changes every two to three days. Following the links brings visitors to a familiar strategy where fake CAPTCHA websites hijack your clipboard and try to trick visitors into infecting their own device.
Read more…
Source: Malwarebytes Labz
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Yarbo responds to robot flaws that could mow down their owners
May 11, 2026
A researcher found that Yarbo yard robots came with a host of vulnerabilities which, among others, allowed an attacker to harvest WiFi passwords. Security researcher Andreas Makris found he could remotely hijack thousands of Yarbo yard robots worldwide, and proved it by having his mower run him over. The root cause was a cluster of “legacy” design choices: ...
- Vibe Hacking: Two AI-Augmented Campaigns Target Government and Financial Sectors in Latin America
May 11, 2026
Threat actors using AI is an unsurprising and even long-predicted developmentopen on a new tab. In a case in point, TrendAI™ Research has identified two emerging threat campaigns that used agentic AI to drive intrusion operations against government entities and financial organizations across several countries in Latin America. Though evidence suggests that the two groups are likely ...
- Water company’s leaky security earns near-£1M fine
May 11, 2026
The UK’s data protection watchdog has fined South Staffordshire Water’s parent company nearly £1 million over security failings exposed by the Cl0p ransomware attack in 2022. Issuing the fine of £963,900 ($1.3 million), the Information Commissioner’s Office (ICO) said the attack exposed “significant failures in the company’s approach to data security.” The attack, claimed by Cl0p, was detected ...
- Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access
May 11, 2026
Since our February 2026 report on AI-related threat activity, Google Threat Intelligence Group (GTIG) has continued to track a maturing transition from nascent AI-enabled operations to the industrial-scale application of generative models within adversarial workflows. This report, based on insights derived from Mandiant incident response engagements, Gemini, and GTIG’s proactive research, highlights the dual nature ...
- Experts warn nearly half of the world’s passwords can easily be cracked in just a few minutes
May 8, 2026
Using real-world samples recovered from the dark web, Kaspersky researchers have tested how long it would take to crack most passwords, and found that almost half of the world’s passwords can be cracked in less than a minute. Additionally, the research shows that within an hour, that number rises to three out of five passwords. Armed with this knowledge, ...
- Disgraced US gov software contractor found guilty of database destruction
May 8, 2026
A Virginia man, Sohaib Akhter, faces decades in prison after a jury convicted him of being involved in a scheme to delete approximately 96 databases containing US government data. The events of the case transpired around two weeks before the twin brothers allegedly involved were fired from their jobs at a software supplier to the US ...