Healthcare, medtech, and service providers are still a favorite ransomware and breach target
Healthcare and adjacent service providers continue to be hit by both ransomware and large data breaches. The feed includes multiple incidents involving clinics, insurers, medical device manufacturers, and healthcare support organizations, often with sensitive personal or medical data exposed. The operational impact is broad: patient data theft, service disruption, and long recovery periods all show up repeatedly. For Swiss readers,…
Read the article →Microsoft 365, Entra ID, and OAuth abuse remain a top initial-access channel
Identity abuse is one of the clearest operational threats in the feed, especially around Microsoft 365 and Entra ID. Attackers are using fake passkey enrollment, device-code flow abuse, OAuth client ID spoofing, malicious guest…
Read the article →Roundcube, ColdFusion, SharePoint and other enterprise web stacks are under active exploitation
A major cluster of articles shows attackers moving quickly on high-value web application flaws, with CISA repeatedly adding exploited issues to its KEV catalog. Roundcube mail servers, Adobe ColdFusion, SharePoint, Joomla extensions, Gitea, and…
Read the article →RoguePlanet, GigaWiper, and other destructive Windows malware show the continued rise of high-impact endpoint abuse
The feed includes several destructive or quasi-destructive Windows malware stories, from backdoors that bundle wipers and ransomware capabilities to driver-based defenses blinding endpoint security tools. These campaigns matter because they combine evasion, persistence, and…
Read the article →Ransomware and extortion operations continue to target organizations worldwide
Ransomware leak sites and reporting showed continued activity from groups such as Qilin, DragonForce, Akira, Play, Incransom, and others against companies, schools, hospitals, and public-sector organizations across many countries. The articles themselves were sparse,…
Read the article →Government, telecom, and public-sector breaches show persistent exposure of large identity datasets
The feed includes a series of large breaches affecting telecoms, insurers, government agencies, and public services, with millions of records exposed in some cases. These incidents often start with phishing, employee compromise, or third-party…
Read the article →Banking, payments, and financial-services security remain under pressure from fraud and MFA gaps
Financial services and payment environments appear repeatedly in the feed as targets of phishing, account takeover, and fraud infrastructure. The articles describe fake investment schemes, phone-based social engineering, weak MFA coverage in financial workforces,…
Read the article →Microsoft’s July patch tsunami and the race to compress exploitation windows
Microsoft’s July 2026 Patch Tuesday was one of the biggest security releases in company history, with coverage across hundreds of vulnerabilities and multiple already exploited issues. Multiple outlets highlighted that the scale alone made…
Read the article →Cloud and virtualization bugs show that guest-to-host trust boundaries are still fragile
The feed contains multiple serious virtualization stories, including long-lived KVM flaws and guest-to-host escape concerns. These bugs matter because they undermine the trust model at the layer where cloud, VDI, and containerized environments assume…
Read the article →Credential theft, phishing, and fake downloads remain the main path to compromise
Attackers continued to rely on phishing, fake installers, and stolen credentials as their most reliable access methods. Reports covered trojanized Webex, Zoom, and MobaXterm installers, GitHub repositories impersonating hundreds of brands, fake Claude download…
Read the article →- The NCSC and allied governments are pushing faster response and stronger sovereignty around AI and cyber defense
- Passwordless identity and MFA changes are reshaping enterprise access management
- Security teams are racing to manage AI, MCP, and coding-agent risk in software development
- European privacy and chat-control debates are converging with practical security and compliance work
- The market for AI security products is exploding, but buyers still struggle to separate control from marketing
- Swiss and European regulators are pushing hard on AI governance, privacy, and accountability
- Swiss banking and public-sector cyber agenda: NCSC, nLPD, and notification obligations keep gaining weight
- CrowdStrike, Microsoft, and others are using AI to reframe vulnerability discovery and remediation











