The cybersecurity landscape is evolving rapidly with significant updates in regulatory frameworks, fraud prevention, and emerging threats. This report delves into the latest incidents, alerts, and trends from the past 24 hours, highlighting key developments and their implications.
RBI Proposes Stricter Rules for Digital Banking Fraud Protection
The Reserve Bank of India (RBI) has issued draft Third Amendment Directions, 2026, aiming to bolster safeguards for customers against digital banking fraud. The new rules, effective July 1, 2026, will apply to transactions via UPI, internet banking, mobile banking, debit/credit cards, and ATMs. Key proposals include clearer definitions for authorized and unauthorized transactions, criteria for customer and bank negligence, third-party breach recognition, and a compensation mechanism for victims of fraudulent transactions under ₹50,000. The draft also mandates faster complaint resolution and expands the scope of fraudulent transaction categories. Public comments are invited until April 6, 2026 (Moneycontrol, Times of India).
Virgin Media O2 Uses AI to Flag 1 Billion Scam Calls
Virgin Media O2 marked a significant milestone in its anti-fraud efforts by announcing that its AI-powered Call Defence service has flagged over 1 billion suspected scam and spam calls since its launch in November 2024. This service employs Adaptive AI to analyze call behavior in real-time, providing warnings before users answer. Key insights reveal that 70 million calls are labeled as scam or spam monthly, resulting in 42% fewer answers and 89% shorter durations for flagged calls. The system has also blocked over 1 billion scam messages, encouraging users to report suspicious activity to 7726 for further investigation. Murray Mackenzie, Director of Fraud Prevention at Virgin Media O2, highlighted the role of AI in proactively stopping fraudsters, while Hiya CEO Alex Algard noted the system’s ability to reduce anxiety through real-time warnings. Top entities impersonated include Amazon, HMRC, banks, VISA, and insurance providers. Scammers employ tactics like fake order issues, tax threats, or fraud alerts to deceive victims. The success of this initiative underscores the importance of leveraging AI in fraud prevention amidst rising threats and the need for robust regulatory measures, as seen in recent RBI proposals (kcnet.in).
Global Cybercrime Crackdowns and Emerging Threats
Europol, in collaboration with the FBI and 14 countries, dismantled two major cybercrime platforms: Tycoon2FA and LeakBase. Tycoon2FA enabled adversary-in-the-middle (AitM) attacks to bypass multi-factor authentication (MFA), with authorities seizing 330 domains linked to the service. LeakBase, a cybercrime forum with 142,000 members trading stolen data, was taken down as part of Operation Leak, including domain seizures, arrests, and data preservation for evidence.
Additionally, Russian national Evgenii Ptitsyn pleaded guilty to wire fraud conspiracy for his role in the Phobos ransomware operation, which targeted over 1,000 organizations and extorted $39 million since 2020. Researchers uncovered Coruna, a previously unknown iOS exploit kit targeting iOS 13–17.2.1, initially linked to a commercial surveillance vendor and later adopted by Russian espionage groups and financially motivated actors. The kit’s spread highlights the commercialization of zero-day exploits in mobile threats (SentinelOne).
These incidents underscore the importance of international cooperation in tackling cybercrime. The takedown of Tycoon2FA and LeakBase showcases the effectiveness of coordinated efforts to disrupt cybercriminal operations. The Phobos ransomware case highlights the legal consequences faced by cybercriminals. The Coruna exploit kit’s dissemination emphasizes the need for vigilance against zero-day threats, especially in mobile security.
For more insights into the evolving cybercrime landscape, visit kcnet.in.
Hacktivist Surge Amid Geopolitical Tensions
Following U.S.-Israel military operations against Iran, cybersecurity firms reported a spike in hacktivist activity under codenames ‘Epic Fury’ and ‘Roaring Lion’. Key observations include 149 DDoS attacks targeting 110 organizations across 16 countries, with 70% attributed to groups like Keymous+, DieNet, and NoName057(16). Government entities were the most affected, followed by financial and telecom sectors. Pro-Russian groups claimed breaches of Israeli military networks, while Iranian state actors targeted UAE energy infrastructure. SMS phishing campaigns distributed malware disguised as an Israeli civil defense alert app. Experts warn of potential global escalation, as Iranian-aligned actors historically blend espionage, disruption, and influence operations during crises (SentinelOne). For more on geopolitical cyber threats, see this article.
Final words
The evolving cyber threat landscape underscores the need for proactive defense strategies. From regulatory reforms to AI-driven fraud prevention and geopolitically motivated attacks, organizations and individuals must adopt multi-layered security measures. The commercialization of exploit kits and ransomware crackdowns highlight persistent vulnerabilities despite technological advancements. Stay vigilant and informed to mitigate risks.