Hospitality is a industry tracked across 50 threat clusters and 93 intelligence report mentions on ThreatCluster. First observed October 31, 2025; most recent activity July 17, 2026.
Two Russia-aligned cyber campaigns are exploiting the WinRAR vulnerability CVE-2025-8088 against Ukrainian targets nearly a year after it was patched. The flaw, a path traversal vulnerability, allows attackers to write…
From mid-2024 to early 2026, the Vietnam-aligned APT group OceanLotus has intensified its focus on domestic espionage, utilizing the SPECTRALVIPER backdoor in two major campaigns. The first campaign targeted a…
Two threat groups, Cordial Spider and Snarky Spider, affiliated with The Com, are targeting U.S. organizations across various critical infrastructure sectors for rapid data theft and extortion. Their operations,…
Since February 2026, the BlackFile Group has targeted retail and hospitality sectors, employing vishing attacks to steal employee credentials. Palo Alto Networks' Unit 42 reported that the group uses spoofed VoIP…
Carnival Corporation reported a significant data breach affecting approximately 6 million customers due to a social engineering attack on an employee's account. The breach was detected on April 14, 2026, when…
Angelo John Martino III, a former ransomware negotiator for DigitalMint, has been charged with conspiracy to interfere with interstate commerce by extortion. He allegedly conducted at least 10 ransomware attacks between…
Angelo Martino, a 41-year-old former ransomware negotiator from Florida, pleaded guilty to conspiracy charges related to assisting the BlackCat/ALPHV ransomware gang in extorting U.S. companies. Martino, along with…
In October 2025, software supply chain attacks reached a record high, with 41 incidents reported, marking a 30% increase from previous peaks. Threat actors have been increasingly active on dark web leak sites, with…
A multi-stage cyberattack campaign has been identified, targeting the hospitality sector in Europe and Asia since April 2026. The attackers utilize 'authentication laundering' techniques, exploiting legitimate services…
In late May 2026, a phishing campaign targeting Japan's hotel industry was identified, utilizing emails that impersonated guest complaints to deliver the TONResolver RAT. The emails, sent to Booking.com partner…