In a recent wave of cyberattacks, the threat actor TA558 has deployed the Venom RAT malware targeting hotels in Brazil and Spanish-speaking regions, leveraging AI-generated scripts for phishing campaigns. Kaspersky’s analysis notes that these attacks employ sophisticated methods, including the use of JavaScript loaders and PowerShell downloaders to infiltrate systems, primarily aiming to capture sensitive credit card information from guests. The group, known as RevengeHotels, has refined its tactics since its inception, enhancing its malware with anti-detection features and persistence mechanisms. This evolution in cybercriminal strategies underscores the growing challenge posed by AI-assisted threats in the hospitality sector, necessitating urgent cybersecurity measures to protect vulnerable industries.