Threat Intel | 3 May 2026 | 9 min read
QR Code Phishing Targeting Swiss Microsoft 365 Tenants: An Adversary-in-the-Middle Campaign
A quishing campaign targeting Swiss Microsoft 365 tenants uses AiTM proxy infrastructure to bypass MFA and steal session tokens, with links to Eastern European APT activity.
by Marco Scarito
Threat Intel | 28 April 2026 | 8 min read
Microsoft Patch Tuesday April 2026: 165 CVEs, One Actively Exploited SharePoint Zero-Day
Microsoft's April 2026 Patch Tuesday fixed 165 CVEs including an actively exploited SharePoint zero-day (CVE-2026-32201) and a wormable Windows TCP/IP RCE. Triage guidance for Swiss IT teams.
by Marco Scarito
Threat Intel | 7 April 2026 | 8 min read
Fortinet FortiClient EMS Under Active Attack: Two Zero-Days, One Patch Window, and What Swiss Enterprises Must Do Now
Two critical zero-days in Fortinet FortiClient EMS — CVE-2026-35616 and CVE-2026-21643, both CVSS 9.1 — are being actively exploited in the wild. Swiss enterprises using FortiClient EMS must apply the emergency hotfix immediately.
by Marco Scarito
Threat Intel | 6 April 2026 | 8 min read
The npm Trust Problem: How the Claude Code Leak and the Axios RAT Created a Supply Chain Emergency
Between 00:21 and 03:29 UTC on 31 March 2026, malicious axios versions with a Trojan went live on npm. DevSecOps lessons for Swiss engineering teams.
by Marco Scarito
Threat Intel | 30 March 2026 | 9 min read
AI Agent Vulnerabilities in the Enterprise: LangChain, LangGraph and the Expanding Attack Surface
Three vulnerabilities disclosed in LangChain and LangGraph expose filesystem data, secrets, and conversation history in enterprise AI deployments.
by Marco Scarito
Threat Intel | 23 March 2026 | 9 min read
AI-Driven Fraud in Switzerland: Deepfakes, Voice Cloning, and the New Social Engineering Threat
In January 2026, a Swiss entrepreneur transferred several million francs after calls from an entirely AI-generated voice.
by Marco Scarito
Threat Intel | 23 March 2026 | 9 min read
Zero-Day Before the Patch: How Interlock Ransomware Exploited Cisco FMC for 36 Days Undetected
Amazon's threat intelligence team confirmed that Interlock ransomware began exploiting CVE-2026-20131 on 26 January 2026.
by Marco Scarito
Threat Intel | 15 March 2025 | 8 min read
Ransomware Attacks on Swiss SMEs: A Growing Threat in 2025
New data from NCSC reveals a 34% increase in ransomware incidents targeting Swiss SMEs in 2025.
by Marco Scarito