Cybersecurity analysts have revealed a significant phishing operation that employs counterfeit CAPTCHA visuals disseminated through PDF files located on Webflow’s content delivery system (CDN) to transmit the Lumma stealer malware.
Netskope Threat Labs reported the identification of 260 distinct domains harboring 5,000 phishing PDF documents that direct victims to harmful websites.
“The perpetrator utilizes SEO to deceive victims into