Extensive Phishing Campaign Uses PDFs to Spread Lumma Stealer

A large-scale phishing campaign is using PDF documents distributed via Webflow's Content Delivery Network (CDN) to spread the Lumma stealer. This operation involves 260 domains masquerading as captchas, thereby trapping users. The malicious PDFs are designed to deceive victims into downloading the Lumma malware, which then steals sensitive information.