Cybercriminal group Storm-1865 is deploying social-engineering attacks on hospitality businesses, using a method known as “ClickFix”, where victims receive fake error or system notifications. Following the attackers’ instructions, victims either visit a malicious website or download malware directly. The criminals impersonate Booking.com to prompt users to provide financial details and login credentials. The Microsoft security research team points out this tactic has enabled Storm-1865 to evade many antimalware tools.
CISA Warns of Critical VMware vCenter RCE Vulnerability Now Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Broadcom’s VMware vCenter Server to its Known Exploited Vulnerabilities (KEV) catalog. This
