NCSC Mandatory Cyber Reporting: Swiss ISA Enforcement 2026
Switzerland's ISA transitional period for mandatory cyber reporting ends mid-2026. Swiss operators must validate their NCSC 24-hour notification pipelines now.
All Articles
53 articles
RoguePlanet CVE-2026-47281: Swiss Endpoint Zero-Day 2026
CVE-2026-47281 (RoguePlanet, CVSS 9.6) exploits Microsoft Defender via VS Code integration to achieve SYSTEM-level escalation on any Windows endpoint.
SharePoint CVE-2026-45659: Swiss On-Prem Patch Guide 2026
CVE-2026-45659 enables RCE on SharePoint Server 2016–SE via Site Member credentials, targeting Swiss financial on-prem deployments with compliance-driven patch debt.
SearchLeak CVE-2026-42824: M365 Copilot One-Click Data Theft
Varonis disclosed SearchLeak (CVE-2026-42824): a one-click attack chain that turned M365 Copilot into a data exfiltration tool targeting emails and files.
Citrix NetScaler CVE-2026-3055: Swiss Perimeter Alert 2026
CVE-2026-3055 is exploited at scale against Citrix NetScaler — the dominant SSL-VPN and load balancer in Swiss banking and enterprise perimeters.
Microsoft Patch Tuesday June 2026: Swiss IT Priority Guide
Microsoft June 2026 Patch Tuesday: 200 CVEs and 6 zero-days including Windows Kernel RCE. Patch prioritisation guide for Swiss enterprise IT teams.
Swiss KRITIS-G and EU NIS2 Revision: CISO Guide 2026
Switzerland's KRITIS-G and the EU NIS2 revision advance in parallel. Swiss operators must navigate both legislative tracks to avoid compliance gaps by 2027.
AI Agent Hijacking: Instagram VIP Takeover and EU Risk 2026
Meta's Instagram AI support agent was manipulated via prompt injection to bypass MFA and hand attackers control of verified VIP accounts.
Exchange OWA CVE-2026-42897: Swiss On-Prem Alert 2026
CVE-2026-42897 exploits Exchange OWA via crafted email with no permanent patch available. Swiss on-premises deployments face active exploitation risk.
CVE-2026-41089 Netlogon RCE: Swiss AD Patching Guide 2026
CVE-2026-41089 is an unauthenticated Netlogon RCE under active exploitation. Swiss AD environments must patch all domain controllers simultaneously.
WEF Cybersecurity Outlook 2026: Lessons for Swiss CISOs
WEF 2026 report: AI drives 87% of cyber risk perceptions and identity is the dominant attack path. Priorities for Swiss security leaders.
DORA First TLPT Cycle: Swiss Financial Entity Guide 2026
The first mandatory TLPT cycles under DORA begin in 2026. Swiss banks and insurers with EU subsidiaries must prepare for TIBER-EU-aligned testing now.
Sovereign Cloud: How EU Regulations Reshape Swiss Cloud 2026
DORA, NIS2, and the EU AI Act are creating hard data residency constraints for Swiss FinTech and HealthTech firms dependent on US hyperscalers.
Unimed Breach: Swiss Healthcare Third-Party Risk 2026
The Unimed third-party billing breach at German university hospitals exposes 12,600 patients. Swiss hospitals face identical data concentration risk.
Dirty Frag Zero-Day Hits Swiss Linux Infrastructure 2026
CVE-2026-43500 grants root on all major Linux distributions. Swiss banks, cloud workloads, and VPN gateways running IPsec are immediately exposed.
NIS2 Enforcement 2026: Swiss EU Subsidiary Guide
First NIS2 supervisory audits are underway in 22 EU member states. Swiss holding companies with EU subsidiaries cannot rely on FINMA compliance alone.
Security ROI Metrics for Swiss Board Reporting 2026
A practical framework for translating security posture into financial risk metrics aligned with FINMA Circular 2023/1 board governance expectations.
Akira Ransomware Hits Swiss Medical Network 3R Again 2026
Akira ransomware struck Groupe 3R's 20 imaging centres in April 2026 — the second attack in 12 months on Swiss healthcare infrastructure.
MCP Agent Security Framework for Swiss Enterprises 2026
Swiss enterprises are deploying MCP agents without security review. This framework covers prompt injection, tool abuse, and Entra ID credential theft.
May 2026 Patch Tuesday: Swiss Enterprise Priority Guide
CVE-2026-41103 (CVSS 9.1) tops May 2026 Patch Tuesday's 118 CVEs. Swiss teams using Atlassian tools with Entra ID must patch immediately.
APT28 Deploys PRISMEX Against EU Defence Supply Chains: Anatomy of an Eleven-Day Zero-Day Window
Russia-linked APT28 exploited CVE-2026-21513 for eleven days before patching, deploying PRISMEX across NATO logistics networks. Swiss dual-use exporters face direct exposure.
Canvas LMS Breach: Swiss Universities Data at Risk 2026
ShinyHunters stole data from 15,000 Canvas LMS institutions. Swiss universities face nDSG breach notifications and student data exposure risks.
Mapping DORA and NIS2 to NIST CSF 2.0 and CIS Controls: A Compliance Efficiency Roadmap for Swiss Financial Institutions
Swiss financial institutions juggling DORA, NIS2 and FINMA obligations can cut duplication by anchoring to NIST CSF 2.0 and CIS Controls v8. Here is how to build the mapping.
EU AI Act August 2026: Swiss High-Risk AI Compliance
The EU AI Act's August 2026 deadline for high-risk systems is 83 days away. Swiss operators face fines up to 7% for non-compliant AI exports.
EU Digital Omnibus: Single Incident Reporting Point Simplifies Process But Leaves Compliance Complexity Intact
The EU Digital Omnibus proposes one portal for NIS2, DORA, GDPR and CER notifications — but different thresholds and timelines remain unchanged. Swiss firms must plan accordingly.
PAN-OS CVE-2026-0300: RCE Exploit Hits Swiss Networks
CVE-2026-0300 gives unauthenticated root RCE on PAN-OS User-ID. Swiss enterprises must patch or isolate affected firewalls now.
The CISO Game in Chiasso: What a Simulated Cyber Crisis Teaches That No Presentation Ever Could
A first-person account of the Supply Chain & Third Party Risk event in Chiasso — the second CISO gathering in Ticino in as many weeks — centred on an interactive crisis simulation that put 50 security leaders around the table to make real decisions under pressure.
Hardening Microsoft 365 for Swiss Organisations: A Practical Security Checklist
A practical M365 hardening checklist for Swiss organisations covering Conditional Access, Entra ID Secure Score, Exchange Online protection, audit logging, and data residency.
NCSC Week 19: Business Email Compromise Wave Hits Swiss SMEs — CHF 2.3M in Confirmed Losses
The NCSC Week 19 alert documents a BEC campaign targeting Swiss SMEs in manufacturing and logistics, with CHF 2.3M in confirmed wire transfer losses.
QR Code Phishing Targeting Swiss Microsoft 365 Tenants: An Adversary-in-the-Middle Campaign
A quishing campaign targeting Swiss Microsoft 365 tenants uses AiTM proxy infrastructure to bypass MFA and steal session tokens, with links to Eastern European APT activity.
Claude Mythos and Project Glasswing: Separating Fact from Hype on the AI Model Too Dangerous to Release
Anthropic's Claude Mythos can autonomously find zero-day vulnerabilities. A confirmed unauthorised access incident has already occurred. Swiss security teams need facts, not hype.
Microsoft Patch Tuesday April 2026: 165 CVEs, One Actively Exploited SharePoint Zero-Day
Microsoft's April 2026 Patch Tuesday fixed 165 CVEs including an actively exploited SharePoint zero-day (CVE-2026-32201) and a wormable Windows TCP/IP RCE. Triage guidance for Swiss IT teams.
Switzerland's Cyber Products Law: What the Federal Council's Draft Bill Means for Swiss Tech Companies
Switzerland's Federal Council is drafting a new cyber products law by autumn 2026, mirroring the EU Cyber Resilience Act. What Swiss manufacturers, importers, and software vendors must prepare for now.
AI Security at the Crossroads: 10 Takeaways from the Swiss Cyber AI Conference
Ten takeaways from the Swiss Cyber AI Conference — identity, least privilege for AI agents, poisoned agents, voice biometric deprecation, and the F1 security paradigm.
The EU Cyber Resilience Act's First Deadline Is in Five Months — Are Swiss Manufacturers Ready?
The EU Cyber Resilience Act's first mandatory deadline — vulnerability and incident reporting obligations — takes effect on 11 September 2026. Swiss manufacturers exporting digital products to the EU have five months to build compliant processes.
Fortinet FortiClient EMS Under Active Attack: Two Zero-Days, One Patch Window, and What Swiss Enterprises Must Do Now
Two critical zero-days in Fortinet FortiClient EMS — CVE-2026-35616 and CVE-2026-21643, both CVSS 9.1 — are being actively exploited in the wild. Swiss enterprises using FortiClient EMS must apply the emergency hotfix immediately.
Patching Is Not Enough: Building a Vulnerability Management Programme That Holds Up to FINMA and ISA Scrutiny
Three critical zero-days in five weeks — Cisco FMC, Fortinet EMS twice — expose a common failure: organisations patch reactively but lack a structured vulnerability management programme. Here is what FINMA and the ISA now expect, and how to build it.
When the Safety-First AI Lab Ships Its Own Source Code to npm: Lessons from the Claude Code Leak
A source map misconfiguration in Claude Code v2.1.88 exposed Anthropic's internal codebase — 1,906 files and 44 hidden feature flags — via npm.
NCSC Semi-Annual Report H2 2025: What the First Mandatory Critical Infrastructure Data Tells Us
On 30 March 2026, the NCSC published its H2 2025 report — the first to integrate mandatory infrastructure notifications with voluntary reports.
The npm Trust Problem: How the Claude Code Leak and the Axios RAT Created a Supply Chain Emergency
Between 00:21 and 03:29 UTC on 31 March 2026, malicious axios versions with a Trojan went live on npm. DevSecOps lessons for Swiss engineering teams.
AI Agent Vulnerabilities in the Enterprise: LangChain, LangGraph and the Expanding Attack Surface
Three vulnerabilities disclosed in LangChain and LangGraph expose filesystem data, secrets, and conversation history in enterprise AI deployments.
Identity Fraud with a Swiss Face: The NCSC's Warning on Fake Company Job Scams
The NCSC's Week 12 alert documents a new tactic: cloning registered Swiss companies to post fraudulent job ads and harvest applicants' data.
Zero Trust Beyond the Buzzword: Why Microsegmentation Is the Control Swiss Enterprises Keep Skipping
Most Zero Trust implementations stop at identity, skipping microsegmentation — the control that limits damage once an attacker is inside.
The Scammers Are Evolving? No — We Are Not
A phishing email spoofing Microsoft via 'rnicrosoft.com' went viral. The technique is 20 years old. The surprise is that it still works.
AI-Driven Fraud in Switzerland: Deepfakes, Voice Cloning, and the New Social Engineering Threat
In January 2026, a Swiss entrepreneur transferred several million francs after calls from an entirely AI-generated voice.
Zero-Day Before the Patch: How Interlock Ransomware Exploited Cisco FMC for 36 Days Undetected
Amazon's threat intelligence team confirmed that Interlock ransomware began exploiting CVE-2026-20131 on 26 January 2026.
Digital Omnibus Enters Trilogue: What Swiss Compliance Teams Must Do Before the Final Text Lands
EU Digital Omnibus heads into trilogue: what Swiss compliance teams should do now on GDPR, AI Act, NIS2, and DORA before the final text lands.
The EU Digital Omnibus: What Swiss Organisations Must Understand Now
On 19 November 2025, the European Commission published the Digital Omnibus.
NCSC Annual Report 2025: Key Takeaways for Swiss Security Teams
The NCSC published its 2025 Annual Report on 16 February 2026. 64,733 incident reports, 222 mandatory notifications.
The HTML Invoice Trap: Anatomy of the Phishing Campaign Targeting Swiss Companies Right Now
The NCSC's Week 11 alert covers a live campaign hitting Swiss companies: fake invoice ZIPs with HTML credential stealers and CAPTCHA evasion.
Ransomware Attacks on Swiss SMEs: A Growing Threat in 2025
New data from NCSC reveals a 34% increase in ransomware incidents targeting Swiss SMEs in 2025.
nDSG Compliance in 2025: What Swiss Companies Still Get Wrong
The revised nDSG is now in force. Persistent blind spots: incomplete records of processing activities.
Spear Phishing in Swiss Finance: Anatomy of a 2025 Campaign
A spear phishing campaign targeting Swiss wealth managers used impersonated correspondence from Swiss financial regulators.