TechDogs-"Major Cyberattacks Expose Hotels, AI Systems, And Government Networks"

Cyber Security

Major Cyberattacks Expose Hotels, AI Systems, And Government Networks

By Manali Kekade

Updated on Tue, Nov 11, 2025

Overall Rating
These days, it doesn’t take much for cyberattacks to cause big problems. A wrong click, a clever trick, or a hidden flaw can give hackers access to sensitive information. From hotels to AI systems and even government networks, no one is completely safe. Let’s take a closer look at how some of these recent attacks unfolded. Read on!

Cybersecurity researchers have found a major phishing campaign targeting hotels, where attackers are tricking staff with fake ClickFix-style pages to steal login details and install PureRAT malware.

Sekoia explained, “The attacker’s modus operandi involved using a compromised email account to send malicious messages to multiple hotel establishments.”

In most cases, the emails pretend to be from Booking.com and lead recipients to fake verification pages. Once there, staff are asked to run a PowerShell command that secretly installs PureRAT, a tool that can steal files, record keystrokes, access webcams, and stay hidden on the system.

TechDogs-"An Image Showing Hotel Receptionist Accepting A Mobile Payment From A Guest"

Guests aren’t safe either. Scammers are reaching out via WhatsApp and email, sending what look like real booking confirmations and asking for card details to verify reservations.

Researchers say hackers are trading stolen hotel admin accounts on dark web forums and even using Telegram bots to check if the stolen credentials still work. Push Security warned that these fake ClickFix pages are getting more convincing, saying, “ClickFix pages are becoming increasingly sophisticated, making it more likely that victims will fall for the social engineering.”

Experts advise hotels to double-check any unexpected login or payment requests directly with official booking platforms before taking action.

Just like hotel staff fall for phishing, the Whisper Leak case shows that even encrypted AI chats can be exposed.

Microsoft has revealed details of a new side-channel attack called “Whisper Leak”, which can expose the topics of encrypted AI chatbot conversations.

The company explained that attackers monitoring encrypted traffic, such as someone on the same Wi-Fi or even a nation-state actor, could “infer if the user's prompt is on a specific topic.”

By analyzing packet sizes and timing patterns in the data stream between a user and a language model, attackers can guess what the conversation is about, even without decrypting it.

Microsoft tested the method and found that models from Alibaba, DeepSeek, Mistral, OpenAI, and xAI showed over 98% accuracy in topic detection, while Google and Amazon models were slightly more resistant.

To counter the risk, companies like OpenAI and Microsoft have added random text patterns to disguise token lengths. Microsoft also advises users to avoid discussing sensitive topics on public Wi-Fi, use VPNs, and prefer non-streaming models when possible.

The finding highlights growing privacy challenges in AI communication, reminding both users and developers that even encrypted chats may not be as private as they seem.

This shows that whether it’s AI chats or government systems, a single vulnerability or mistake can put sensitive information at risk.

Back in May, a state employee in Nevada, a western U.S. state, accidentally downloaded a malware-infected tool from a fake website. That one mistake gave hackers a backdoor into the state’s computer network.

The hackers quietly stayed inside the system for weeks, installing monitoring tools and stealing passwords from 26 accounts. They used this access to move around inside critical state systems like those used by the DMV, Health and Human Services, and Public Safety departments, while covering their tracks by deleting logs.

TechDogs-"An Image Showing System Hacked Pop-Up On The Screen"

Then, on August 24, they launched the full ransomware attack. They deleted backup copies, encrypted virtual machines, and left a ransom note demanding payment to unlock the systems.
 
Timothy Galluzzi, chief information officer and executive director of the Governor’s Technology Office, said, “The threat actor deployed an attack aimed at taking state systems offline and left behind a note with instructions on how to recover the encrypted systems and data, in an attempt to extort the state.”

Nevada officials decided not to pay the ransom. Instead, they relied on cyber insurance and recovery partners (like Mandiant, Microsoft, and Palo Alto Networks) to restore operations. Within 28 days, they recovered about 90% of the data.

The good news was investigators found no clear proof that sensitive files were leaked online, though one old employee’s data was confirmed stolen.

Overall, it shows how a single click can open the door to a massive cyber incident and how preparation helped Nevada recover without paying hackers.

Could Nevada have avoided the ransomware if the employee hadn’t clicked the malware?

Do you think hotels and guests could have done more to prevent the ClickFix-PureRAT attack?

Let us know what you think in the comments section below!

First published on Tue, Nov 11, 2025

Liked what you read? That’s only the tip of the tech iceberg!

Explore our vast collection of tech articles including introductory guides, product reviews, trends and more, stay up to date with the latest news, relish thought-provoking interviews and the hottest AI blogs, and tickle your funny bone with hilarious tech memes!

Plus, get access to branded insights from industry-leading global brands through informative white papers, engaging case studies, in-depth reports, enlightening videos and exciting events and webinars.

Dive into TechDogs' treasure trove today and Know Your World of technology like never before!

Disclaimer - Reference to any specific product, software or entity does not constitute an endorsement or recommendation by TechDogs nor should any data or content published be relied upon. The views expressed by TechDogs' members and guests are their own and their appearance on our site does not imply an endorsement of them or any entity they represent. Views and opinions expressed by TechDogs' Authors are those of the Authors and do not necessarily reflect the view of TechDogs or any of its officials. While we aim to provide valuable and helpful information, some content on TechDogs' site may not have been thoroughly reviewed for every detail or aspect. We encourage users to verify any information independently where necessary.

Loading comments...

  • Dark
  • Light