All Articles 62 articles

ESRB Declares Frontier AI a Systemic Cyber Risk — ECB Orders Bank Action Plans by 31 October

The ESRB has classified frontier AI models as a systemic cyber risk to the EU financial system, and the ECB wants action plans by 31 October. The Swiss impact.

GitLost: How a GitHub AI Agent Was Tricked Into Leaking Private Repositories

Noma Labs' GitLost showed how a prompt injection in a public GitHub issue coerced GitHub's AI agent into exfiltrating private repository contents. What it means for Swiss engineering teams.

AI Code in Production: Swiss SDLC Risk Guide 2026

Half of engineering teams run AI-generated code in production while AI features fail pentests 2.7x more often. Swiss SDLC controls must adapt.

Financial Vendor Breaches Up 6.5x: Swiss Bank Risk 2026

Black Kite's 2026 report shows breaches among the top financial vendors rose from 6 to 39 in a year. What concentration risk means for Swiss banks.

Payload Ransomware Hits Two Swiss SMEs in One Week: 2026

Payload ransomware claimed Swiss broker ENB and automation firm Qualiflex in one week, testing ISA reporting duties and Swiss SME resilience.

Claude Fable 5's 19-Day Ban: How a Jailbreak Report Triggered US Export Controls on Anthropic's Flagship Model

US export controls pulled Claude Fable 5 offline for 19 days. The verified timeline, the jailbreak behind it, and what it means for Swiss AI governance.

Chrome V8 Zero-Day CVE-2026-11645: Swiss Risk 2026

CVE-2026-11645, an actively exploited Chrome V8 zero-day on the CISA KEV list, turns any visited web page into a code-execution risk for Swiss endpoints.

Miasma npm Attack: Swiss CI/CD Hardening Guide 2026

The Miasma npm worm published malware with valid SLSA provenance via stolen OIDC tokens. A CI/CD hardening baseline for Swiss dev teams.

NIS2 Incident Reporting Templates: Swiss EU Guide 2026

The NIS2 uniform incident-reporting templates set the format Swiss EU-market entities must adopt before the June 30 compliance audit.

NCSC Mandatory Cyber Reporting: Swiss ISA Enforcement 2026

Switzerland's ISA transitional period for mandatory cyber reporting ends mid-2026. Swiss operators must validate their NCSC 24-hour notification pipelines now.