Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access
Microsoft Threat Intelligence has identified a multi-stage intrusion campaign targeting hospitality and hotel organizations in Europe and Asia since April 2026. The campaign delivers a Node.js implant
