Cybercriminals have started a campaign of redirecting links placed on gaming sites and social media—and as sponsored ads—that lead to fake websites posing as Booking.com.
According to Malwarebytes research, 40% of people book travel through a general online search, creating a lot of opportunities for scammers. The first signs of the campaign showed up mid-May and the final redirect destination changes every two to three days. Following the links brings visitors to a familiar strategy where fake CAPTCHA websites hijack your clipboard and try to trick visitors into infecting their own device.
Read more…
Source: Malwarebytes Labz
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Secure connectivity principles for Operational Technology (OT)
January 14, 2026
Operational technology (OT) environments – which have long been centred on safety, uptime, and operational continuity – are now more interconnected than ever. Driven by the need for increased efficiency, agility, and integration, these advancements offer significant operational benefits (such as real-time analytics, predictive maintenance and remote monitoring & administration), but they also introduce risks. Organisations ...
- China: Authorities tell domestic companies to stop using US and Israeli cybersecurity software
January 14, 2026
Chinese authorities have told domestic companies to stop using cybersecurity software made by more than a dozen firms from the U.S. and Israel due to national security concerns, three people briefed on the matter said. As trade and diplomatic tensions flare between China and the U.S. and both sides vie for tech supremacy, Beijing has been ...
- Hackers claim to have Target source code for sale following recent cyberattack
January 13, 2026
Hackers are apparently selling internal source code stolen from American retail giant Target. A previously unknown threat actor posted in an underground hacking community to claim they were selling Target’s data, and that this was the first of many datasets to go on auction. To support their claim, the poster created multiple repositories on Gitea, a ...
- Why iPhone users should update and restart their devices now
January 13, 2026
If you were still questioning whether iOS 26+ is for you, now is the time to make that call. Why? On December 12, 2025, Apple patched two WebKit zero‑day vulnerabilities linked to mercenary spyware and is now effectively pushing iPhone 11 and newer users toward iOS 26+, because that’s where the fixes and new memory ...
- Threat Brief: MongoDB Vulnerability (CVE-2025-14847)
January 13, 2026
On Dec. 19, 2025, MongoDB publicly disclosed MongoBleed, a security vulnerability (CVE-2025-14847) that allows unauthenticated attackers to leak sensitive heap memory by exploiting a trust issue in how MongoDB Server handles zlib-compressed network messages. This flaw occurs prior to authentication, meaning an attacker only needs network access to the database’s default port to trigger it. Read more… Source: ...
- Man to plead guilty to hacking US Supreme Court filing system
January 13, 2026
A resident of Springfield, Tennessee, is expected to plead guilty to hacking the U.S. Supreme Court’s electronic document filing system dozens of times over several months. Prosecutors say between August and October 2023, Nicholas Moore, 24, “intentionally accessed a computer without authorization on 25 different days and thereby obtained information from a protected computer,” according to ...