Watch out! This fake Windows BSOD is a trap

ZDNET summarizes Securonix’s analysis of PHALT#BLYX, a targeted campaign against the hospitality sector that lures victims via Booking.com-themed phishing and fake CAPTCHA/BSOD pages. Victims are social-engineered to paste a malicious command (ClickFix), which runs a PowerShell script that uses MSBuild to fetch an obfuscated DCRat remote access trojan, disables Defender, establishes persistence, and can deliver secondary payloads; the report includes detection and mitigation recommendations.