Threats Affecting Switzerland
View all threats affecting or targeting Switzerland. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
SwitzerlandThreats Affecting Switzerland
Click on any threat for detailed analysis and mitigation recommendations
Smart Contracts for C&C: How ClearFake Hid in Plain Sight on BSC Testnet 0 Threat actors exploited the EtherHiding technique to store ClearFake payload routing instructions within smart contracts on the BNB Smart Chain testnet, creating an immutable command-and-control infrastructure that cannot be taken down. The attack began with injected JavaScript on a compromised Swiss website that queried blockchain contracts to deliver malicious payloads. Victims passing anti-analysis checks were fingerprinted by operating system and routed to platform-specific ClickFix social engineering overlays. The campaign simultaneously deployed SectopRAT, a .NET-based remote access trojan capable of browser session hijacking, and ACRStealer, a C++ infostealer targeting credentials and cryptocurrency wallets. An on-chain execution tracker confirmed each compromise in real time. Four smart contracts shared a single deployer wallet, with the oldest deployed nearly a year before analysis, indicating a long-running, actively maintained operation. Join the discussion | AlienVault OTX General | 05/26/2026, 15:20:06 UTC Added: 05/27/2026, 14:03:32 UTC |
CVE-2026-35099: CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in Lakeside Software SysTrack AgentCVE-2026-35099 0 Lakeside SysTrack Agent 11 before 11.5.0.15 has a race condition with resultant local privilege escalation to SYSTEM. The fixed versions are 11.2.1.28, 11.3.0.38, 11.4.0.24, and 11.5.0.15. Join the discussion | CVE Database V5 | 04/01/2026, 15:39:51 UTC Added: 04/01/2026, 18:53:52 UTC |
CVE-2026-34376: CWE-863: Incorrect Authorization in mrmn2 PdfDingCVE-2026-34376 0 PdfDing is a selfhosted PDF manager, viewer and editor offering a seamless user experience on multiple devices. Prior to version 1.7.0, an access-control vulnerability allows unauthenticated users to retrieve password-protected shared PDFs by directly calling the file-serving endpoint without completing the password verification flow. This results in unauthorized access to confidential documents that users expected to be protected by a shared-link password. This issue has been patched in version 1.7.0. Join the discussion | CVE Database V5 | 04/01/2026, 17:05:22 UTC Added: 04/01/2026, 17:38:17 UTC |
CVE-2026-5175: CWE-862 in Devolutions ServerCVE-2026-5175 0 Improper access control in the multi-factor authentication (MFA) management API in Devolutions Server allows an authenticated attacker to delete their own configured MFA factors and reduce account protection to password-only authentication via crafted HTTP requests. This issue affects Server: from 2026.1.6 through 2026.1.11. Join the discussion | CVE Database V5 | 04/01/2026, 15:04:22 UTC Added: 04/01/2026, 15:23:19 UTC |
CVE-2026-4989: CWE-918 Server-Side request forgery (SSRF) in Devolutions ServerCVE-2026-4989 0 Improper input validation in the gateway health check feature in Devolutions Server allows a low-privileged authenticated user to perform server-side request forgery (SSRF), potentially leading to information disclosure, via a crafted API request. This issue affects Server: from 2026.1.1 through 2026.1.11, from 2025.3.1 through 2025.3.17. Join the discussion | CVE Database V5 | 04/01/2026, 15:07:29 UTC Added: 04/01/2026, 15:23:19 UTC |
CVE-2026-4927: CWE-201 Insertion of sensitive information into sent data in Devolutions ServerCVE-2026-4927 0 Exposure of sensitive information in the users MFA feature in Devolutions Server allows users with user management privileges to obtain other users OTP keys via an authenticated API request. This issue affects Server: from 2026.1.6 through 2026.1.11. Join the discussion | CVE Database V5 | 04/01/2026, 14:54:45 UTC Added: 04/01/2026, 15:23:19 UTC |
CVE-2026-4925: CWE-862 in Devolutions ServerCVE-2026-4925 0 Improper access control in the users MFA feature in Devolutions Server allows an authenticated user to bypass administrator-enforced restrictions and remove their own multi-factor authentication (MFA) configuration via a crafted request. This issue affects Server: from 2026.1.6 through 2026.1.11. Join the discussion | CVE Database V5 | 04/01/2026, 15:02:06 UTC Added: 04/01/2026, 15:23:19 UTC |
CVE-2026-4924: CWE-1390 in Devolutions ServerCVE-2026-4924 0 Improper authentication in the two-factor authentication (2FA) feature in Devolutions Server 2026.1.11 and earlier allows a remote attacker with valid credentials to bypass multifactor authentication and gain unauthorized access to the victim account via reuse of a partially authenticated session token. Join the discussion | CVE Database V5 | 04/01/2026, 14:50:51 UTC Added: 04/01/2026, 15:23:19 UTC |
CVE-2026-4829: CWE-287 in Devolutions ServerCVE-2026-4829 0 Improper authentication in the external OAuth authentication flow in Devolutions Server 2026.1.11 and earlier allows an authenticated user to authenticate as other users, including administrators, via reuse of a session code from an external authentication flow. Join the discussion | CVE Database V5 | 04/01/2026, 14:44:05 UTC Added: 04/01/2026, 15:23:19 UTC |
CVE-2026-4828: CWE-1390 in Devolutions ServerCVE-2026-4828 0 Improper authentication in the OAuth login functionality in Devolutions Server 2026.1.11 and earlier allows a remote attacker with valid credentials to bypass multi-factor authentication via a crafted login request. Join the discussion | CVE Database V5 | 04/01/2026, 14:48:53 UTC Added: 04/01/2026, 15:23:19 UTC |
Showing 1 to 10 of 2771 results