Cybercriminals have started a campaign of redirecting links placed on gaming sites and social media—and as sponsored ads—that lead to fake websites posing as Booking.com.
According to Malwarebytes research, 40% of people book travel through a general online search, creating a lot of opportunities for scammers. The first signs of the campaign showed up mid-May and the final redirect destination changes every two to three days. Following the links brings visitors to a familiar strategy where fake CAPTCHA websites hijack your clipboard and try to trick visitors into infecting their own device.
Read more…
Source: Malwarebytes Labz
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Kodak confirms breach as ShinyHunters’ leak threat reaches deadline
June 18, 2026
The Eastman Kodak Company (Kodak) confirmed to BleepingComputer that it is investigating a security breach after the ShinyHunters extortion group claimed responsibility for the incident. Kodak is the latest organization to land on the group’s leak site. ShinyHunters claims it stole more than 2.2 million records and threatened to publish the data unless the company responded by June ...
- Cyber Criminals Redirecting Users to Fraudulent Websites with Malicious Traffic Distribution Systems
June 18, 2026
The Federal Bureau of Investigation (FBI) is publishing this Public Service Announcement (PSA) to warn the public of cyber criminal use of traffic distribution systems (TDSs) to gain access to victim networks for ransomware or other financial scams. TDS is a technology used to route internet traffic visitors to different destinations after users visit webpages, click advertisement ...
- Cybercriminals allegedly hacked tens of thousands of Fortinet firewalls used by major companies all over the world
June 17, 2026
Cybercriminals have compromised tens of thousands of Fortinet firewalls and VPNs used by major companies all over the world, according to two cybersecurity firms. The widespread hacking campaign, which is ongoing and has been dubbed FortiBleed, appears to not involve abusing any unknown vulnerability in the targeted devices, but rather on a more basic issue: Companies ...
- Cisco SD-WAN make-me-root bug under attack
June 16, 2026
Cisco today issued a fix for a Catalyst SD-WAN Manager bug that attackers have already spotted and exploited to get root privileges, according to both the networking vendor and the feds. The vulnerability, tracked as CVE-2026-20262, is in the web UI of Cisco Catalyst SD-WAN Manager, and exists because the software is not properly validating user-supplied input during ...
- Hijacking Vertex AI Model Uploads for Cross-Tenant RCE
June 16, 2026
Palo Alto Unit42 discovered a vulnerability in the Google Cloud Vertex AI software development kit (SDK) for Python, and responsibly disclosed it to Google. Before Google’s fix, the vulnerability would have allowed an attacker operating entirely from their own Google Cloud project to hijack a victim’s model upload and poison it. By exploiting this flaw ...
- Attackers used social engineering to access third-party business apps and steal patient information
June 16, 2026
Heart monitoring biz iRhythm says thieves made off with patient health information and tried to turn it into a payday. The California-based cardiac monitoring specialist offers customers a wearable device that collects data, then analyzes it to create reports about heart health. The company said it detected unauthorized activity on June 8 and launched an investigation ...