Cybersecurity incidents have surged in April 2026, with sophisticated AI-driven phishing campaigns, ransomware attacks, and widespread scams dominating the landscape. This report consolidates key events, including an AI-enabled device code phishing campaign targeting Microsoft accounts, the unmasking of REvil ransomware suspects, and escalating online fraud tactics in Thailand and beyond.
Ransomware and Cybercrime Arrests
German authorities identified Daniil Shchukin and Anatoly Kravchuk as key figures behind the REvil and GandCrab ransomware gangs. The duo, believed to be in Russia, are linked to 24 attacks generating significant ransoms and damages. REvil, dismantled in 2021, famously targeted Kaseya and Lady Gaga’s law firm. Shchukin’s 2018 interview revealed his rise from poverty to cybercrime wealth.
The FBI’s IC3 annual report revealed a 26% increase in cybercrime losses, with investment fraud and business email compromise leading the trends. Ransomware (Akira, Qilin) and sextortion were prominent, with victims aged 60+ accounting for 37% of losses ($7.75B).
The U.S. Social Security Administration (SSA) warned of a sharp increase in phishing emails impersonating SSA communications. Scams include fake COLA adjustment notices and “security update tool” downloads. Red Flags: Urgent payment demands, `.gov` domain spoofing, and requests for bank details.
Thailand’s Anti Cyber Scam Centre (ACSC) reported 7,366 cases (March 29–April 4) with losses of $1.24M, down 94% due to faster fund freezes. Top Scams: Fake “free goods” lures via Line groups. High-paying online work scams (initial small payments to build trust).
Nebraska courts warned of text/email scams claiming unpaid traffic fines. Key Detail: Courts do not send automated texts for fines. Recipients should verify via official channels.
A cyberattack on the C2K network disrupted IT systems for Northern Ireland schools, forcing students to return during Easter break to reset passwords. Schools like Cross and Passion College reported lost access to Teams and study materials. The Education Authority is investigating potential data breaches.
TV personality Jee Seok-jin shared a personal vishing incident where scammers claimed his wife’s bank account was tied to a crime. The episode of Late-Blooming Student Ji (Netflix) highlighted AI-driven scams using deepfake voices and DeepVoice tech.
The Kennett Square Police Department reported incidents including juvenile neglect, firearm arrest, DUI arrests, and Megan’s Law non-compliance.
A Montgomery woman received 10 years in prison for a stolen mail conspiracy (2020–2021). Lashunda McCray and accomplices used stolen IDs to create counterfeit checks and open fraudulent accounts, causing $105K in losses.
Ransomware and Cybercrime Arrests
German authorities identified Daniil Shchukin and Anatoly Kravchuk as key figures behind the REvil and GandCrab ransomware gangs. The duo, believed to be in Russia, are linked to 24 attacks generating significant ransoms and damages. REvil, dismantled in 2021, famously targeted Kaseya and Lady Gaga’s law firm. Shchukin’s 2018 interview revealed his rise from poverty to cybercrime wealth.
The FBI’s IC3 annual report revealed a 26% increase in cybercrime losses, with investment fraud and business email compromise leading the trends. Ransomware (Akira, Qilin) and sextortion were prominent, with victims aged 60+ accounting for 37% of losses.
Global Scams and Social Engineering
The U.S. Social Security Administration warned of a sharp increase in phishing emails impersonating SSA communications. Scams include fake COLA adjustment notices and security update tool downloads. Red flags include urgent payment demands and requests for bank details. Victims should report scams via the SSA OIG.
Thailand’s Anti Cyber Scam Centre reported 7,366 cases with losses of $1.24M, down 94% due to faster fund freezes. Top scams include fake free goods lures via Line groups and high-paying online work scams. Advice includes using escrow platforms and avoiding unsolicited Line group invites.
Local Cyber Incidents
A cyberattack on the C2K network in Northern Ireland disrupted IT systems for schools. Students had to return during the Easter break to reset passwords. Schools like Cross and Passion College reported lost access to Teams and study materials. The Education Authority is investigating potential data breaches. The attack highlighted the vulnerabilities in educational IT infrastructure, prompting calls for enhanced cybersecurity measures. Local authorities are now emphasizing the need for robust incident response plans and regular security audits.
The Kennett Square Police Department reported various incidents, including a juvenile neglect case where a child was left unattended for 30 minutes. There was also a firearm arrest during a traffic stop for carrying without a license. Additionally, multiple DUI arrests and a Megan’s Law non-compliance case were reported. The suspect in the Megan’s Law case fled to Mexico, adding complexity to the investigation. These incidents underscore the diverse challenges faced by local law enforcement, requiring coordinated efforts between cybersecurity experts and police departments.
A Montgomery woman received a 10-year prison sentence for a stolen mail conspiracy. Lashunda McCray and her accomplices used stolen IDs to create counterfeit checks and open fraudulent accounts, causing $105K in losses. The case highlighted the ongoing threat of mail theft and bank fraud, prompting a review of security measures for mail handling and identity verification processes. Financial fraud cases such as these are on the rise, necessitating stricter regulations and public awareness campaigns to mitigate risks.
Final words
Cybersecurity threats continue to evolve with the integration of AI and automation. It is crucial for individuals and organizations to stay vigilant and proactive in their defense strategies. Implementing multi-factor authentication, educating users, and having robust incident response plans are essential to mitigate risks. As cybercrime becomes more sophisticated, international cooperation and swift legal actions are vital to dismantling criminal networks.