RST TI Report Digest: 06 Apr 2026

Security brief: In 2026 tax-themed campaigns increased significantly, targeting individuals and organizations (primarily in the US and other countries) by impersonating tax authorities and financial institutions to steal funds and credentials; actors TA4922 and TA2730 use social engineering, credential phishing, BEC and exploitation of RMM tools to deliver malicious payloads and enable remote access, with the report providing multiple IOCs (IP, domains, URLs, hashes, and many email addresses).