Copilot Cowork Acts Alone, the SOC Doesn’t See It
Copilot Cowork performs actions autonomously. What attack surface this opens up and why the SOC remains blind without configured logging. Read article
Ivanti Connect Secure back on the CISA KEV: Third incident in 18 months
CISA has added a new Ivanti Connect Secure vulnerability to the KEV. Mandiant reports active exploitation in critical infrastructure networks. Read article
Detection Engineering Without Vendor Lock: Wazuh Stack 2026
Wazuh, Sigma, and Shuffle as a SOC stack: an honest trade-off table, three figures for steering, and when the switch becomes economical. Read article
NIS2 Audit: How the Vendor List Crumbles in Two Hours
NIS2 audits have been checking supply‑chain evidence concretely since May 2026. Read article
Adaptive MFA: NIS2 Pressure as a Zero-Trust
Adaptive MFA with FIDO2 meets NIS2 Article 21 and reduces helpdesk volume by 60-75%. What SMEs need to change in their identity architecture. Read article
AI Agent Uncovers Linux Kernel Zero
A Theori AI agent autonomously found CVE-2026-31431 in 60 minutes. CISA KEV confirms, CrowdStrike reports active exploitation. Read article
CVE-2026-32202: CISA KEV Listing Forces CISOs to Act
CVE-2026-32202 (CVSS 8.8) has been listed in CISA KEV since April 28, 2026: APT28 is exploiting an incomplete Windows kernel patch. Read article
Customers at Risk After Trellix Code Leak
6 min read Trellix confirmed a source-code breach in early May 2026. The cybersecurity vendor now joins a list that includes Microsoft, Okta and LastPass—security-tool manufacturers themselves becoming targets. For... Read article
CISA KEV April 2026: Samsung MagicINFO, SimpleHelp and D‑Link Actively Exploited
6 Min. reading time The CISA added eight new entries to its Known Exploited Vulnerabilities Catalog within one week at the end of April 2026. Three systems stand out: Samsung... Read article
Fortinet CVE-2026-35616: Two Critical FortiClient EMS Flaws in Weeks – What It Means for DACH IT Teams
FortiClient EMS has received two critical patches within three weeks. CVE-2026-35616 (CVSS 9.1, Pre-Auth RCE) has shown exploits since March 31, 2026. Read article
Source Code Breaches: When Hackers Outpace Security Vendors
8 Min. Read Time Trellix, Okta, LastPass – three security providers, three source code breaches, one pattern. Attackers are deliberately compromising security providers to discover vulnerabilities in their products before... Read article
GDPR Fines 2026: Why Regulators Are Now Targeting SMEs
4.5+ billion EUR in accumulated GDPR fines - In 2026, SMEs come into focus. The 72-hour reporting obligation under Art. Read article
NIS2 Enforcement 2026: BSI Audit Phase & DACH Checklist
The BSI has been in the operational testing phase since May 2026. This is what the NIS2 enforcement wave means for the 29,500 regulated entities in… Read article
Klöckner, Prien, Graichen: When the top brass clicks a phishing link
Signal verification code theft at Klöckner, Prien, Hubertz, plus Graichen's own goal on X. Three CISO movements for 2026. Read article
EU AI Act launches Aug 2, yet high‑risk oversight gap persists
Annex III deadline August 2, 2026, Council postponement to December 2027 in trilogue, BSI inspection from August. What 90 days will decide. Read article
Bitwarden CLI Supply Chain Attack 2
93 minutes malicious bw1.js in the official npm path. What the Bitwarden CLI incident of April 22 means for the DACH hook audit. Read article
GDPR Enforcement 2026: How April Cases Involving Renault, YOTI, Enel, and Bakeca Are Shifting Risk for Mid-Sized Companies
In April 2026, the Romanian data protection authority sanctioned Renault Commercial Roumanie following a cyberattack with insufficient security measures, the Spanish AEPD imposed €950,000 on YOTI for biometric processing without... Read article
Adaptive MFA as NIS2 Standard 2026: How ENISA Guidance Clarified the Where-Appropriate Clause
NIS2 requires multi-factor authentication (MFA) “where appropriate,” and in Germany, the BSI enforcement mandate enters its operational phase in May 2026. For security and compliance officers, the central question is... Read article
WhatsApp and Signal under NIS2 requirements: How management teams can establish a clean messenger architecture by 2026
Belgium activated the first NIS2 compliance check on April 18, 2026, with Germany following suit in May: Any business that continues to conduct critical communication via private WhatsApp and Signal... Read article
500,000 Patient Data in 96 Hours: Anonymous Incident Report from a DACH Hospital Group
April 2026: Wave of Healthcare Breaches. Anonymous DACH Incident Report with 500k patient data, 96h reconstruction, NIS2/DSGVO obligations. Read article
Adaptive MFA Under Fire: Why Risk Engines Don’t See the 7-Million-Device-Code Wave
Barracuda reports 7 million device-code phishing attacks in 4 weeks. Why Adaptive MFA in Entra/Okta/Duo is bypassed and what works now. Read article
