Phishing campaign impersonates Booking.com, delivers a suite of credential-stealing malware

A phishing campaign impersonating Booking.com targets hospitality organizations, using the ClickFix technique to trick users into downloading malware. The campaign, ongoing since December 2024, aims to steal credentials for financial fraud.