Monthly Archives: April 2026

Anti-DDoS Firm Heaped Attacks on Brazilian ISPs

April 30, 2026
24 Comments
A black Archer AX21 router from TP-Link. Image: tp-link.com.

A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm’s chief executive says the malicious activity resulted from a security breach and was likely the work of a competitor trying to tarnish his company’s public image.

‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty

April 21, 2026
30 Comments
A screenshot of two photos of Buchanan that appeared in a Daily Mail story dated May 3, 2025.

A 24-year-old British national and senior member of the cybercrime group “Scattered Spider” has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phishing attacks in the summer of 2022 that allowed the group to hack into at least a dozen major technology companies and steal tens of millions of dollars worth of cryptocurrency from investors.

Patch Tuesday, April 2026 Edition

April 14, 2026
29 Comments
A picture of a windows laptop in its updating stage, saying do not turn off the computer.

Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed “BlueHammer.” Separately, Google Chrome fixed its fourth zero-day of 2026, and an emergency update for Adobe Reader nixes an actively exploited flaw that can lead to remote code execution.

Russia Hacked Routers to Steal Microsoft Office Tokens

April 7, 2026
25 Comments

Hackers linked to Russia’s military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks without deploying any malicious software or code.

Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab

April 5, 2026
10 Comments

An elusive hacker who went by the handle “UNKN” and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer sabotage and extortion against victims across the country between 2019 and 2021.