---
title: "Sri Lanka Cyberattack, SilentGlass Threat Defense, Rituals Data Breach, Cybersecurity News [April 20, 2026] | DuoCircle"
description: "Sri Lanka Cyberattack, SilentGlass Threat Defense, Rituals Data Breach, Cybersecurity News [April 20."
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/cyber-security-news-update-week-17-of-2026/"
---

Quick Answer

Cybersecurity stories from the week of April 20, 2026: cybercriminals attacked Sri Lanka's Ministry of Finance, disrupting government operations. The UK NCSC unveiled SilentGlass, a new threat-defense capability designed to spot and disrupt nation-state attack infrastructure earlier in the kill chain. Cosmetics retailer Rituals confirmed a data breach exposing customer membership records to attackers. And France's identity-document agency was targeted by threat actors. Coverage focused on government and consumer-brand exposure, with the SilentGlass announcement as the week's notable defensive development.

Sri Lanka Cyberattack, SilentGlass Threat Defense, Rituals Data Breach, Cybersecurity News \[April 20, 2026\]

Your browser does not support the audio element.

[ Download episode](https://media.mailhop.org/duocircle/images/2026/04/Sri-Lanka-Cyberattack-SilentGlass-Threat-Defense-Rituals-Data-Breach---Cybersecurity-News-April-20-2026.mp3) 

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fcyber-security-news-update-week-17-of-2026%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Sri%20Lanka%20Cyberattack%2C%20SilentGlass%20Threat%20Defense%2C%20Rituals%20Data%20Breach%2C%20Cybersecurity%20News%20%5BApril%2020%2C%202026%5D&url=undefined%2Fblog%2Fcyber-security-news-update-week-17-of-2026%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fcyber-security-news-update-week-17-of-2026%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fcyber-security-news-update-week-17-of-2026%2F&title=Sri%20Lanka%20Cyberattack%2C%20SilentGlass%20Threat%20Defense%2C%20Rituals%20Data%20Breach%2C%20Cybersecurity%20News%20%5BApril%2020%2C%202026%5D "Share on Reddit") [ ](mailto:?subject=Sri%20Lanka%20Cyberattack%2C%20SilentGlass%20Threat%20Defense%2C%20Rituals%20Data%20Breach%2C%20Cybersecurity%20News%20%5BApril%2020%2C%202026%5D&body=Check out this article: undefined%2Fblog%2Fcyber-security-news-update-week-17-of-2026%2F "Share via Email") 

![cybersecurity news](https://media.mailhop.org/duocircle/images/2026/04/email-smtp-service-7890.jpg) 

Here’s a quick roundup of the most important cybersecurity stories from last week, highlighting data risks, major breaches, and significant developments shaping the cybersecurity space. A group of [threat actors](https://www.trendmicro.com/en%5Fus/research/26/d/us-public-sector-under-siege.html) managed to break into the systems of the Sri Lankan finance ministry. Meanwhile, the NCSC revealed a brand new technology to safeguard monitors from cyberattacks. The **cosmetic giant Rituals** fell prey to a threat attack that led to a customer data breach. Also, a French identity document agency got targeted by cybercrooks recently.

[SPF](/resources/what-is-spf) verifies sender IP authenticity, DKIM ensures message integrity, and [DMARC](/email/dmarc) enforces policies to prevent spoofing and protect [email security](/).

## Sri Lankan finance ministry attacked by cybercrooks!

The External Resources Department of the Sri Lankan Finance Ministry just got hacked by a group of threat actors. The hackers managed to access the computer system of this department and stole a whopping [$2.5 million](https://www.bbc.com/news/articles/cn53vlvn3lvo). The same fund was to be utilized for bilateral debt repayment to Australia.

Sri Lankan authorities feel that the threat attack was carried out **back in January 2026**. However, they noticed the theft recently, when the Australian creditor complained about incomplete debt payment. The authorities became fully aware of the cyber heist only after the [hackers attempted](https://www.nbcnews.com/tech/security/iran-hack-break-us-industrial-systems-agencies-trump-target-rcna267162) to divert the payments that were due to India.

A strict investigation is underway. Four senior officers have also been suspended. Meanwhile, the department is seeking guidance from **international law enforcement agencies**. Experts are trying to recover the stolen funds.

[![cybercrooks](https://media.mailhop.org/duocircle/images/2026/04/spf-permerror-5611-1.jpg)](https://media.mailhop.org/duocircle/images/2026/04/spf-permerror-5611-1.jpg)

Matthew Ducksworth, the Australian High Commissioner in Sri Lanka, has assured that Australia will be assisting the investigation process. 

This threat attack is a huge blow to Sri Lanka’s already wobbling economy. 

## Revolutionary SilentGlass unveiled by NCSC to prevent threat attacks!

A revolutionary technology has been unveiled by the [UK National Cyber Security Centre (NCSC)](https://en.wikipedia.org/wiki/National%5FCyber%5FSecurity%5FCentre%5F%28United%5FKingdom%29) on April 22\. This tech will successfully prevent monitors from threat attack incidents. SilentGlass, the plug-and-play device, has been revealed at CYBERUK (the annual conference that revolves around cybersecurity). The device has been designed in association with Goldilock Labs and Sony UK.

This modern gadget is used to block any kind of suspicious or unexpected activity that takes place between the **DisplayPort connections or HDMI** and the monitor screens. The best part about this device is that NCSC claims it is fully functional and successful even in high-risk cyber threat ecosystems.

The NCSC has already been using SilentGlass for government organizations. Now, the device is available to the general public as well.

_Since monitors store and process sensitive, valuable data, they are a highly sought-after target for threat actors_. This is why the latter often tries to abuse monitors to break into systems and carry out fraudulent activities for monetary gain or to create disruption and chaos. 

The **plug-and-play device**, SilentGlass, exactly caters to this issue. It is now globally available at affordable pricing to mitigate cyber threats.

[![prevent threat attacks](https://media.mailhop.org/duocircle/images/2026/04/spf-record-9006.jpg)](https://media.mailhop.org/duocircle/images/2026/04/spf-record-9006.jpg)

## Cosmetics brand Rituals’ data breach incident exposed customer membership records to cybercrooks!

_Rituals, the cosmetics brand, recently experienced a data breach incident_. The threat attack resulted in the **customer’s personal data** being exposed to threat actors. Rituals shared about the cyber mishap last Wednesday were communicated via emails sent to the affected customers. 

The cosmetics brand has acknowledged unauthorized downloads of **customer data in April**. The compromised data includes a crucial set of information, such as names, DOBs, email addresses, phone numbers, etc., of the Rituals customers. Although the attack has impacted its global customer base, a major chunk of the affected customers are from the US.

There has been no clarity yet on the nature of the threat against Rituals. A stringent investigation is underway to gather more details about the threat.

What’s concerning is that there are over [41 million](https://techcrunch.com/2026/04/22/cosmetics-giant-rituals-confirms-data-breach-of-customer-membership-records/) customers in Rituals’ affected membership database. The cosmetics brand has been tight-lipped about the exact number of members impacted by the cyberattack. 

## French identity document agency targeted by threat actors!

Hackers have targeted the National Agency for Secure Documents of the French government on April 15\. This website **manages driver’s licenses** and identity documents. The Interior Ministry is apprehensive that the breach might have exposed some of the personal information to the hackers. The ANTS website offers services like application processing for national identity cards, passports, residence permits, and so on.

Initial level of investigation suggests that sensitive data like names, [login credentials](https://www.wired.com/story/149-million-stolen-usernames-passwords/), dates of birth, places of birth, postal addresses, unique identifiers, etc., might have been compromised. 

[![Data Breach Risk Breakdown ](https://media.mailhop.org/duocircle/images/2026/04/spf-validator-6722.jpg)](https://media.mailhop.org/duocircle/images/2026/04/spf-validator-6722.jpg)

The authorities have confirmed that the breached data does not include any kind of attachments that might have been submitted along with the applications. Also, the leaked data does not give the hackers any kind of access to the **ANTS portal accounts**.

There’s yet no clarity around the exact number of users whose [data was compromised](https://www.ibm.com/think/news/national-public-data-breach-publishes-private-data-billions-us-citizens) in the threat attack incident. Also, the nature and origin of the cyberattack are still unknown. An investigation is underway to understand the scope of the cyber mishap and mitigate the extent of damage. Also, **additional security measures** are being deployed to ensure seamless service continuity and bolster existing data security mechanisms.

There has yet to be any confirmation around the culprits of the cyber mishap. Also, the authorities have not shared any potential motive for this kind of cyberattack.

This attack is just a part of a series of threats that have been targeting French public institutions in recent times. 

Last week, personal data of some of the French students was compromised, as confirmed by the **French Education Ministry**. The breach happened because of a threat attack on the French student account management system.

In February 2026, cybercrooks were able to break into the network of the [French National Bank Accounts File](https://www.scworld.com/brief/hacker-accesses-1-2-million-french-bank-accounts-using-stolen-credentials). This database consists of the records of all the bank accounts across the nation. The threat attack exposed highly sensitive data that includes information on [1.2 million](https://therecord.media/france-cyberattack-agency-passports) bank accounts.

## Topics

cyber securityDKIMDMARCemail securityNewsSecurityspfUpdates 

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

## Secure your email infrastructure

Protect, authenticate, and deliver. Contact our team to find the right solution.

[Contact Sales](/contact/) [Explore Products](/products/) 

## Related Articles

[  News 6m  GitHub Backdoor Threat, Cartier Data Breach, Fake RubyGems Steal, Cybersecurity News \[June 02, 2025\]  Jun 9, 2025 ](/blog/announcements/cyber-security-news-update-week-24-of-2025/)[  News 6m  Hackers Hijack WordPress, SonicWall Backup Breach, Oracle Data Theft, Cybersecurity News \[October 06, 2025\]  Oct 13, 2025 ](/blog/announcements/cybersecurity-news-update-week-42-of-2025/)[  News 6m  LastPass Users Phished, Amazon Down US, UK Cybersecurity Boost, Cybersecurity News \[March 02, 2026\]  Mar 9, 2026 ](/blog/announcements/cyber-security-news-update-week-10-of-2026/)[  News 6m  Vapor Apps Malware, Coinbase Phishing Scam, Medusa Ransomware Attack , Cybersecurity News \[March 17, 2025\]  Mar 24, 2025 ](/blog/announcements/cyber-security-news-update-week-13-of-2025/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Sri Lanka Cyberattack, SilentGlass Threat Defense, Rituals Data Breach, Cybersecurity News [April 20, 2026]","description":"Sri Lanka Cyberattack, SilentGlass Threat Defense, Rituals Data Breach, Cybersecurity News [April 20.","url":"https://www.duocircle.com/blog/cyber-security-news-update-week-17-of-2026/","datePublished":"2026-04-27T17:20:04.000Z","dateModified":"2026-04-30T20:12:53.000Z","dateCreated":"2026-04-27T17:20:04.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/cyber-security-news-update-week-17-of-2026/"},"articleSection":"announcements","keywords":"cyber security, DKIM, DMARC, email security, News, Security, spf, Updates","wordCount":992,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2026/04/email-smtp-service-7890.jpg","caption":"cybersecurity news","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"News"},{"@type":"ListItem","position":3,"name":"Sri Lanka Cyberattack, SilentGlass Threat Defense, Rituals Data Breach, Cybersecurity News [April 20, 2026]","item":"https://www.duocircle.com/blog/cyber-security-news-update-week-17-of-2026/"}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"News","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"Sri Lanka Cyberattack, SilentGlass Threat Defense, Rituals Data Breach, Cybersecurity News [April 20, 2026]","item":"https://www.duocircle.com/blog/cyber-security-news-update-week-17-of-2026/"}]}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Sri Lanka Cyberattack, SilentGlass Threat Defense, Rituals Data Breach, Cybersecurity News [April 20, 2026]","description":"Sri Lanka Cyberattack, SilentGlass Threat Defense, Rituals Data Breach, Cybersecurity News [April 20.","url":"https://www.duocircle.com/blog/cyber-security-news-update-week-17-of-2026/","datePublished":"2026-04-27T17:20:04.000Z","dateModified":"2026-04-30T20:12:53.000Z","dateCreated":"2026-04-27T17:20:04.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/cyber-security-news-update-week-17-of-2026/"},"articleSection":"announcements","keywords":"cyber security, DKIM, DMARC, email security, News, Security, spf, Updates","wordCount":992,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2026/04/email-smtp-service-7890.jpg","caption":"cybersecurity news","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```