SECURITYTHE HACKER NEWS
Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant
Microsoft warns of an ongoing phishing campaign targeting hotel and hospitality organizations in Europe and Asia since April 2026. The campaign uses photo-themed ZIP files to deploy a Node.js implant on front-desk machines, with no known attribution to a specific threat actor or clear end goal.
Mentioned
Related Signal
Adjacent reporting
- Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools
- Scammers Are Using Your Real Hotel Reservations to Trick You With Spear-Phishing Attacks
- Australia warns of ClickFix attacks pushing Vidar Stealer malware
- APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies
- RMM Tools Fuel Stealthy Phishing Campaign
- WhatsApp phishing attack uses fake business docs to hack PCs