The cybersecurity landscape continues to evolve with new threats and scams emerging daily. This digest highlights the latest incidents, including AI-driven phishing campaigns, ransomware arrests, and educational disruptions, providing a detailed breakdown of key events and mitigation strategies.
Ransomware and Cybercrime Arrests
German authorities identified two key suspects linked to the REvil and GandCrab ransomware gangs. Daniil Shchukin and Anatoly Kravchuk are wanted for 24 attacks generating $2.3M in ransoms and causing $40M in damages. REvil, dismantled in 2021, targeted high-profile entities like Kaseya and Lady Gaga’s law firm. Germany’s BKA noted their roles in developing and deploying ransomware-as-a-service (RaaS) models. Read the full advisory here.
In Thailand, the Anti Cyber Scam Centre (ACSC) reported a 17% rise in online scam cases but a significant drop in losses due to faster fund freezes. Online job scams emerged as the top financial threat, with fraudsters luring victims into fake Line groups or high-paying task schemes before disappearing with funds. Authorities arrested 16 suspects and seized 1.7M THB ($52K). The ACSC advised using escrow payment systems (e.g., TikTok Shop, Lazada) to mitigate risks. Read more about the ACSC report.
Ransomware and Cybercrime Arrests: Global Crackdowns
German authorities have unmasked two key suspects linked to the REvil and GandCrab ransomware gangs. Daniil Shchukin and Anatoly Kravchuk are wanted for 24 attacks generating $2.3M in ransoms and causing $40M in damages. REvil, dismantled in 2021, targeted high-profile entities like Kaseya and Lady Gaga’s law firm. Germany’s BKA noted their roles in developing and deploying ransomware-as-a-service (RaaS) models.
In Thailand, the Anti Cyber Scam Centre reported a 17% rise in online scam cases but a significant drop in losses due to faster fund freezes. Online job scams emerged as the top financial threat, with authorities arresting 16 suspects. The ACSC advised using escrow payment systems to mitigate risks.
For more details, read the full advisory here, and explore the emerging scam tactics in the rise of cyber frauds, scams, and geopolitical cyber threats.
Government and Institutional Scams: Fake Fines and Social Security Fraud
The Nebraska Judicial System warned of a text scam claiming unpaid traffic fines. Threatening penalties, it urges recipients to click malicious links. Officials clarified that Nebraska courts do not send automated texts for fines. Payments are only accepted in-person or via the official online system. Victims must verify fines through official channels. For more details, read the full warning here. The U.S. Social Security Administration (SSA) alerted the public to a surge in email scams impersonating the agency. Fraudulent emails, often claiming issues with cost-of-living adjustments or tax documents, direct recipients to fake websites to steal personal data. The SSA never requests sensitive information via email. Legitimate communications can be verified at ssa.gov/myaccount. For more details, read the full warning here. In the context of these scams, it becomes evident how financial fraud is evolving, targeting unsuspecting individuals through seemingly legitimate channels. This underscores the importance of vigilance and verification in the digital age.
Cyber Attacks on Critical Infrastructure: Schools and Financial Systems
A cyber attack on Northern Ireland’s C2K network, which supports IT systems for schools, forced students to return during the Easter break to reset passwords in-person. The attack disrupted access to GCSE/A-Level study materials, with schools coordinating password resets. The Education Authority is investigating potential data breaches. Schools like Cross and Passion College and St Louis Grammar School were among those affected.
The FBI’s Internet Crime Complaint Center reported a 26% jump in cybercrime losses to $20.9B in 2025, with investment fraud ($8.65B) and business email compromise ($3.05B) as top contributors. Ransomware (3,600 complaints) and sextortion (75,000 reports) remained pervasive. The FBI emphasized AI-driven threats as a growing concern.
For more details, read the full report here.
Final words
This cybersecurity digest highlights the escalating sophistication of AI-driven phishing campaigns and the persistence of ransomware threats. Organizations must prioritize mitigation strategies like disabling unnecessary OAuth flows and educating users. Government impersonation scams and emerging tactics like deepfake vishing require vigilance and public education. Critical infrastructure attacks underscore the need for robust cybersecurity measures. Stay informed and proactive to protect against evolving threats.