In a perfect world, every manufacturer would update all of its Android phones and tablets every single time Google posted an update to AOSP. We don't live in that perfect world, but at least some of them have paid lip service to the new monthly security updates that Google has been issuing for the last eight months or so. Samsung is one of them... as long as the definition of "monthly" is stretched to something like "eventually." The company posted March's security update notes yesterday (on April 13th) and followed up with the April notes almost immediately.
There's nothing particularly notable in either bulletin, since Samsung simply applies most of the changes made in AOSP (minus those for specific Nexus/Android One/et cetera models) to their own software for flagship phones and tablets. The company added five extra adjustments in March and three in April, covering various vulnerabilities in drivers, modems, IMEI implementations, and even the Android clipboard.
The March security patches haven't been mentioned in the latest OTA updates for various Galaxy phones, so presumably customers will need to wait for the next round of updates to get the improvements. Owners who bought phones or tablets through carriers may have to wait even longer. Two of the updates, one each in March and April, are marked "critical."