LinkedIn Carousel - #CyberWeekly Week 2

Check-In to Malware

Fake Booking.com emails deploy infostealers across European hotels

Platform: CyFun Basic Goes Live

Ledger Supply Chain Breach

ALPHV/BlackCat Insiders Unmasked

Easy Cyber Protection

1/4

ClickFix phishing targets European hotels via fake Booking.com emails

Late December: A phishing campaign dubbed PHALT#BLYX hit the European hospitality sector with fake Booking.com reservation cancellations.

Phishing email — arrives as a Booking.com cancellation notice with charges exceeding €1,000, creating urgency
Fake website — victim clicks through to a convincing Booking.com clone
Fake CAPTCHA → Fake Blue Screen — the site shows a CAPTCHA that leads to a simulated Windows "Blue Screen of Death"
ClickFix trick — victim is told to "fix" the error by pasting a command into the Windows Run dialog
PowerShell → MSBuild.exe — the pasted script downloads a project file that uses Microsoft's trusted MSBuild tool to bypass defenses

Full campaign analysis → https://www.infosecurity-magazine.com/news/phaltblyx-clickfix-malware/

2/4

This was our biggest platform update yet.

34 Basic controls — the complete CyberFundamentals Basic tier, each mapped to real actions you can take. No more spreadsheets or PDF checklists.
Progressive onboarding — a step-by-step wizard guides you through your first controls. Pick your tier, set your context, and start checking things off.
Checklist-based compliance — each control is a clear yes/no question. Are you doing this? Check it off. Not yet? You know what to focus on next.
Pricing & upgrade system — transparent pricing with a clear upgrade path. Start free, upgrade when you're ready for more controls.
Upgrade modal — smooth in-app flow to move from Basic to higher tiers as your security matures.

Try CyFun Basic free → https://easycyberprotection.com/start

3/4

January 5: Hardware wallet maker Ledger confirmed that customer data was exposed through a breach at Global-e, its third-party payment processor.

Names and contact information from online orders
Order details including products purchased and prices
No payment data — no card numbers, no credentials
No crypto access — seed phrases, blockchain balances, and digital assets were never at risk

Full breach details → https://www.bleepingcomputer.com/news/security/ledger-customers-impacted-by-third-party-global-e-data-breach/

4/4

January 2: Two U.S. cybersecurity professionals pleaded guilty to running ransomware attacks using the ALPHV/BlackCat platform.

Ryan Goldberg, 40, Georgia — worked as an incident response supervisor at Sygnia, an Israeli-owned cybersecurity firm
Kevin Martin, 36, Texas — worked as a ransomware threat negotiator at DigitalMint, a threat intel and incident response company

Read the full story → https://www.csoonline.com/article/4112400/two-cybersecurity-experts-plead-guilty-to-running-ransomware-operation.html

Read the full issue

4 stories. Context that matters.
Belgian cybersecurity, weekly.

Scan to read online

https://easycyberprotection.com/cyberweekly/2026/week-2

Follow #CyberWeekly

easycyberprotection.com