Cybersecurity researchers at HP Wolf Security warn of fake Booking.com websites that distribute remote access trojans (RATs) when users accept cookies. The fake sites appear similar to Booking.com, prompting users to download a malicious JavaScript file that installs XWorm, a RAT providing attackers full control over the victim’s device. Experts advise users to slow down while browsing and manually type website addresses instead of clicking on links from emails or social media.
New Phantom Stealer Campaign Hits Windows Machines Through ISO Mounting
Researchers have uncovered a sophisticated phishing campaign originating in Russia that deploys the Phantom information-stealing malware via malicious ISO files. The attack, dubbed “Operation MoneyMount-ISO,”
