The latest cybersecurity incidents highlight critical infrastructure vulnerabilities, AI-powered phishing attacks, educational sector breaches, and high-profile financial fraud investigations.
AI-Enabled Phishing and Cybercrime
AI-enabled phishing campaigns continue to escalate in frequency and sophistication. A 16-day phishing campaign dubbed EvilTokens targeted 344 organizations across five countries, exploiting Microsoft’s device code authentication flow to bypass multi-factor authentication (MFA). The attack used AI-generated lures and dynamic code generation to capture session tokens without stealing credentials. EvilTokens, sold on Telegram for $1,500, is a phishing-as-a-service (PhaaS) platform that includes post-compromise automation. Defensive measures recommended include conditional access policies, phishing-resistant MFA, and behavioral detection. For more details, refer to the source article.
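An added example, not taken from the source article: a behavioral check of the kind recommended above. It flags device code sign-ins by accounts that are not expected to use that flow, and raises severity when a new source IP appears for the same user shortly afterwards. The records are constructed and the key names simplified; the `deviceCode` value is modeled on the `authenticationProtocol` field of Entra ID sign-in logs, and the allowlist and one-hour window are assumptions.

```python
from datetime import datetime, timedelta

# Accounts expected to use device code flow (hypothetical allowlist).
EXPECTED_DEVICE_CODE_USERS = {"svc-kiosk@example.com"}
# How long after a device code sign-in to watch for new source IPs (assumption).
FOLLOW_UP_WINDOW = timedelta(hours=1)

# Constructed sample sign-in records (not real data).
SIGNINS = [
    {"time": "2026-05-01T08:55:00", "user": "alice@example.com", "protocol": "none", "ip": "198.51.100.10"},
    {"time": "2026-05-01T09:00:00", "user": "alice@example.com", "protocol": "deviceCode", "ip": "198.51.100.10"},
    {"time": "2026-05-01T09:04:00", "user": "alice@example.com", "protocol": "none", "ip": "203.0.113.77"},
    {"time": "2026-05-01T10:00:00", "user": "svc-kiosk@example.com", "protocol": "deviceCode", "ip": "192.0.2.5"},
    {"time": "2026-05-01T11:00:00", "user": "bob@example.com", "protocol": "none", "ip": "198.51.100.20"},
]

def find_suspicious_device_code(signins, allowlist=EXPECTED_DEVICE_CODE_USERS,
                                window=FOLLOW_UP_WINDOW):
    """Alert on device code sign-ins by users outside the allowlist.

    MFA is satisfied by the victim in this flow, so the signal is the
    protocol itself plus activity from an IP the user has not used before.
    """
    ordered = sorted(signins, key=lambda e: e["time"])
    parsed = [dict(e, ts=datetime.fromisoformat(e["time"])) for e in ordered]
    alerts = []
    for i, ev in enumerate(parsed):
        if ev["protocol"] != "deviceCode" or ev["user"] in allowlist:
            continue
        # IPs already associated with this user up to and including this event.
        known_ips = {p["ip"] for p in parsed[:i] if p["user"] == ev["user"]} | {ev["ip"]}
        # IPs first seen for this user within the follow-up window.
        new_ips = sorted({
            p["ip"] for p in parsed[i + 1:]
            if p["user"] == ev["user"]
            and p["ts"] - ev["ts"] <= window
            and p["ip"] not in known_ips
        })
        alerts.append({
            "user": ev["user"],
            "time": ev["time"],
            "severity": "high" if new_ips else "medium",
            "new_ips": new_ips,
        })
    return alerts

if __name__ == "__main__":
    for alert in find_suspicious_device_code(SIGNINS):
        print(alert)
```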
The Minnesota Judicial Branch alerted residents to a phishing scam involving fraudulent text messages claiming unpaid traffic fines. The messages, which included stylized graphics, case numbers, and fake judge/clerk names, directed victims to a malicious website. The scam mimics official communications but exploits the lack of SMS-based verification for court notices. Authorities emphasized that no legitimate traffic fines are collected via text and urged victims to report incidents to the FBI’s Internet Crime Complaint Center. For more details, refer to the source article.
Educational Sector Breaches
A double breach of Instructure’s Canvas platform—used by nearly all U.S. public school districts—disrupted access for millions of students. The attacks, linked to the ShinyHunters hacking group, exploited a vulnerability in Canvas’s free version for teachers (now paused). Hackers accessed student names, emails, IDs, and messages, employing a “pay or leak” extortion tactic. While no operational disruption occurred, the incident follows a 2023 PowerSchool ransomware attack that exposed North Carolina teachers’ Social Security numbers. For more details, refer to the source article.
Financial Fraud and Investigations
The Haryana government authorized the Central Bureau of Investigation (CBI) to question five IAS officers linked to a ₹590 crore bank fraud involving siphoned funds from state departments. The CBI, which took over the case in April 2026, has already arrested 15 suspects, including government officials and bank executives. The fraud involved fake bank accounts and collusion with conspirators. For more details, refer to the source article.
The Punjab and Haryana High Court scrutinized Chandigarh Police for issuing letters to unfreeze bank accounts in a ₹700 crore IDFC First Bank fraud case, despite the investigation being transferred to the CBI on April 27, 2026. The court demanded explanations for the May 2 and May 8 communications, which risked compromising the CBI’s probe. The fraud involves multi-state money trails and suspicious transactions, with the CBI analyzing digital records to uncover the financial manipulation layers. For more details, refer to the source article.
Final words
The convergence of AI, critical infrastructure risks, and financial cybercrime underscores the need for proactive monitoring, cross-sector collaboration, and advanced defensive measures. As adversaries leverage automation and cross-sector dependencies, defenders must adopt context-aware security, zero-trust architectures, and public-private partnerships to mitigate emerging threats.