Swiss Security Insights

Swiss Security Insights https://swisssecurityinsights.ch/ Independent cybersecurity analysis for Swiss CISOs, IT managers, and compliance officers. en-ch editor@swisssecurityinsights.ch (Marco Scarito) Thu, 07 May 2026 00:00:00 +0000 120 The CISO Game in Chiasso: What a Simulated Cyber Crisis Teaches That No Presentation Ever Could https://swisssecurityinsights.ch/articles/ciso-game-chiasso-supply-chain-third-party-risk-2026.php A first-person account of the Supply Chain & Third Party Risk event in Chiasso — the second CISO gathering in Ticino in as many weeks — centred on an interactive crisis simulation that put 50 security leaders around the table to make real decisions under pressure. Thu, 07 May 2026 00:00:00 +0000 Analysis https://swisssecurityinsights.ch/articles/ciso-game-chiasso-supply-chain-third-party-risk-2026.php Hardening Microsoft 365 for Swiss Organisations: A Practical Security Checklist https://swisssecurityinsights.ch/articles/hardening-microsoft-365-swiss-organisations-checklist-2026.php A practical M365 hardening checklist for Swiss organisations covering Conditional Access, Entra ID Secure Score, Exchange Online protection, audit logging, and data residency. Sun, 03 May 2026 00:00:00 +0000 Best Practices https://swisssecurityinsights.ch/articles/hardening-microsoft-365-swiss-organisations-checklist-2026.php NCSC Week 19: Business Email Compromise Wave Hits Swiss SMEs — CHF 2.3M in Confirmed Losses https://swisssecurityinsights.ch/articles/ncsc-week19-bec-swiss-sme-wire-fraud-2026.php The NCSC Week 19 alert documents a BEC campaign targeting Swiss SMEs in manufacturing and logistics, with CHF 2.3M in confirmed wire transfer losses. Sun, 03 May 2026 00:00:00 +0000 Incident Report https://swisssecurityinsights.ch/articles/ncsc-week19-bec-swiss-sme-wire-fraud-2026.php QR Code Phishing Targeting Swiss Microsoft 365 Tenants: An Adversary-in-the-Middle Campaign https://swisssecurityinsights.ch/articles/qr-code-quishing-swiss-m365-apt-2026.php A quishing campaign targeting Swiss Microsoft 365 tenants uses AiTM proxy infrastructure to bypass MFA and steal session tokens, with links to Eastern European APT activity. Sun, 03 May 2026 00:00:00 +0000 Threat Intel https://swisssecurityinsights.ch/articles/qr-code-quishing-swiss-m365-apt-2026.php Claude Mythos and Project Glasswing: Separating Fact from Hype on the AI Model Too Dangerous to Release https://swisssecurityinsights.ch/articles/claude-mythos-cybersecurity-risks-project-glasswing-2026.php Anthropic's Claude Mythos can autonomously find zero-day vulnerabilities. A confirmed unauthorised access incident has already occurred. Swiss security teams need facts, not hype. Tue, 28 Apr 2026 00:00:00 +0000 Analysis https://swisssecurityinsights.ch/articles/claude-mythos-cybersecurity-risks-project-glasswing-2026.php Microsoft Patch Tuesday April 2026: 165 CVEs, One Actively Exploited SharePoint Zero-Day https://swisssecurityinsights.ch/articles/microsoft-patch-tuesday-april-2026-sharepoint-zero-day.php Microsoft's April 2026 Patch Tuesday fixed 165 CVEs including an actively exploited SharePoint zero-day (CVE-2026-32201) and a wormable Windows TCP/IP RCE. Triage guidance for Swiss IT teams. Tue, 28 Apr 2026 00:00:00 +0000 Threat Intel https://swisssecurityinsights.ch/articles/microsoft-patch-tuesday-april-2026-sharepoint-zero-day.php Switzerland's Cyber Products Law: What the Federal Council's Draft Bill Means for Swiss Tech Companies https://swisssecurityinsights.ch/articles/switzerland-cyber-products-law-federal-council-2026.php Switzerland's Federal Council is drafting a new cyber products law by autumn 2026, mirroring the EU Cyber Resilience Act. What Swiss manufacturers, importers, and software vendors must prepare for now. Tue, 28 Apr 2026 00:00:00 +0000 Regulation https://swisssecurityinsights.ch/articles/switzerland-cyber-products-law-federal-council-2026.php AI Security at the Crossroads: 10 Takeaways from the Swiss Cyber AI Conference https://swisssecurityinsights.ch/articles/swiss-cyber-ai-conference-takeaways-2026.php Ten takeaways from the Swiss Cyber AI Conference — identity, least privilege for AI agents, poisoned agents, voice biometric deprecation, and the F1 security paradigm. Tue, 14 Apr 2026 00:00:00 +0000 Analysis https://swisssecurityinsights.ch/articles/swiss-cyber-ai-conference-takeaways-2026.php The EU Cyber Resilience Act's First Deadline Is in Five Months — Are Swiss Manufacturers Ready? https://swisssecurityinsights.ch/articles/eu-cyber-resilience-act-september-2026-deadline-swiss-manufacturers.php The EU Cyber Resilience Act's first mandatory deadline — vulnerability and incident reporting obligations — takes effect on 11 September 2026. Swiss manufacturers exporting digital products to the EU have five months to build compliant processes. Tue, 07 Apr 2026 00:00:00 +0000 Regulation https://swisssecurityinsights.ch/articles/eu-cyber-resilience-act-september-2026-deadline-swiss-manufacturers.php Fortinet FortiClient EMS Under Active Attack: Two Zero-Days, One Patch Window, and What Swiss Enterprises Must Do Now https://swisssecurityinsights.ch/articles/fortinet-forticlient-ems-cve-2026-35616-zero-day-swiss-enterprises.php Two critical zero-days in Fortinet FortiClient EMS — CVE-2026-35616 and CVE-2026-21643, both CVSS 9.1 — are being actively exploited in the wild. Swiss enterprises using FortiClient EMS must apply the emergency hotfix immediately. Tue, 07 Apr 2026 00:00:00 +0000 Threat Intel https://swisssecurityinsights.ch/articles/fortinet-forticlient-ems-cve-2026-35616-zero-day-swiss-enterprises.php Patching Is Not Enough: Building a Vulnerability Management Programme That Holds Up to FINMA and ISA Scrutiny https://swisssecurityinsights.ch/articles/vulnerability-management-programme-finma-isa-swiss-financial-sector.php Three critical zero-days in five weeks — Cisco FMC, Fortinet EMS twice — expose a common failure: organisations patch reactively but lack a structured vulnerability management programme. Here is what FINMA and the ISA now expect, and how to build it. Tue, 07 Apr 2026 00:00:00 +0000 Best Practices https://swisssecurityinsights.ch/articles/vulnerability-management-programme-finma-isa-swiss-financial-sector.php When the Safety-First AI Lab Ships Its Own Source Code to npm: Lessons from the Claude Code Leak https://swisssecurityinsights.ch/articles/claude-code-source-leak-ai-supply-chain-lessons-2026.php A source map misconfiguration in Claude Code v2.1.88 exposed Anthropic's internal codebase — 1,906 files and 44 hidden feature flags — via npm. Mon, 06 Apr 2026 00:00:00 +0000 Analysis https://swisssecurityinsights.ch/articles/claude-code-source-leak-ai-supply-chain-lessons-2026.php NCSC Semi-Annual Report H2 2025: What the First Mandatory Critical Infrastructure Data Tells Us https://swisssecurityinsights.ch/articles/ncsc-semi-annual-report-h2-2025-switzerland.php On 30 March 2026, the NCSC published its H2 2025 report — the first to integrate mandatory infrastructure notifications with voluntary reports. Mon, 06 Apr 2026 00:00:00 +0000 Analysis https://swisssecurityinsights.ch/articles/ncsc-semi-annual-report-h2-2025-switzerland.php The npm Trust Problem: How the Claude Code Leak and the Axios RAT Created a Supply Chain Emergency https://swisssecurityinsights.ch/articles/npm-supply-chain-attack-axios-claude-code-devSecOps-2026.php Mon, 06 Apr 2026 00:00:00 +0000 Threat Intel https://swisssecurityinsights.ch/articles/npm-supply-chain-attack-axios-claude-code-devSecOps-2026.php AI Agent Vulnerabilities in the Enterprise: LangChain, LangGraph and the Expanding Attack Surface https://swisssecurityinsights.ch/articles/langchain-langgraph-ai-agent-vulnerabilities-2026.php Three vulnerabilities disclosed in LangChain and LangGraph expose filesystem data, secrets, and conversation history in enterprise AI deployments. Mon, 30 Mar 2026 00:00:00 +0000 Threat Intel https://swisssecurityinsights.ch/articles/langchain-langgraph-ai-agent-vulnerabilities-2026.php Identity Fraud with a Swiss Face: The NCSC's Warning on Fake Company Job Scams https://swisssecurityinsights.ch/articles/ncsc-fake-swiss-company-job-scams-2026.php The NCSC's Week 12 alert documents a new tactic: cloning registered Swiss companies to post fraudulent job ads and harvest applicants' data. Mon, 30 Mar 2026 00:00:00 +0000 Incident Report https://swisssecurityinsights.ch/articles/ncsc-fake-swiss-company-job-scams-2026.php Zero Trust Beyond the Buzzword: Why Microsegmentation Is the Control Swiss Enterprises Keep Skipping https://swisssecurityinsights.ch/articles/zero-trust-microsegmentation-swiss-enterprises-2026.php Most Zero Trust implementations stop at identity, skipping microsegmentation — the control that limits damage once an attacker is inside. Mon, 30 Mar 2026 00:00:00 +0000 Best Practices https://swisssecurityinsights.ch/articles/zero-trust-microsegmentation-swiss-enterprises-2026.php The Scammers Are Evolving? No — We Are Not https://swisssecurityinsights.ch/articles/homograph-lookalike-domain-phishing-not-new.php A phishing email spoofing Microsoft via 'rnicrosoft.com' went viral. The technique is 20 years old. The surprise is that it still works. Sat, 28 Mar 2026 00:00:00 +0000 Analysis https://swisssecurityinsights.ch/articles/homograph-lookalike-domain-phishing-not-new.php AI-Driven Fraud in Switzerland: Deepfakes, Voice Cloning, and the New Social Engineering Threat https://swisssecurityinsights.ch/articles/ai-fraud-deepfakes-switzerland-2026.php In January 2026, a Swiss entrepreneur transferred several million francs after calls from an entirely AI-generated voice. Mon, 23 Mar 2026 00:00:00 +0000 Threat Intel https://swisssecurityinsights.ch/articles/ai-fraud-deepfakes-switzerland-2026.php Zero-Day Before the Patch: How Interlock Ransomware Exploited Cisco FMC for 36 Days Undetected https://swisssecurityinsights.ch/articles/cisco-fmc-cve-2026-20131-interlock-ransomware-zero-day.php Amazon's threat intelligence team confirmed that Interlock ransomware began exploiting CVE-2026-20131 on 26 January 2026. Mon, 23 Mar 2026 00:00:00 +0000 Threat Intel https://swisssecurityinsights.ch/articles/cisco-fmc-cve-2026-20131-interlock-ransomware-zero-day.php