Cristian Luțic
Cristian Luțic is a cybersecurity professional and Editor-in-Chief of iSec.News, with experience in security enablement, risk analysis, and vulnerability reporting. As Editor-in-Chief, he is responsible for editorial standards, source verification, and publication oversight at iSec News.
From professional sports to cybersecurity, his career path may have been unconventional, but it has been driven by the same core values: discipline, perseverance, and a passion for doing meaningful, impactful work.
iSec.News Motto: “Only news, only information security and privacy news. No fluff.”
-
Australia warns of ClickFix attacks spreading Vidar Stealer malware
Australia’s cyber security agency warned of a ClickFix campaign using compromised WordPress sites to push Vidar Stealer. The advisory recommends restricting PowerShell, using allow-listing and updating WordPress plugins and themes.
-
Two US nationals sentenced for helping North Korea run laptop farms
Two U.S. nationals were sentenced to 18 months in prison for hosting laptops that helped North Korea’s remote IT worker scheme, which affected nearly 70 U.S. companies and generated about $1.2 million.
-
Fake Claude AI site pushes new Windows backdoor Beagle
A fake Claude AI website is pushing a malicious Claude-Pro Relay download that installs a new Windows backdoor called Beagle. The campaign uses a lookalike site, a 505MB archive and multiple malware delivery methods.
-
US commerce unit expands AI model testing agreements with Google, Microsoft and xAI
A US commerce unit has signed agreements with Google DeepMind, Microsoft and xAI to test frontier AI models before release, joining earlier deals with Anthropic and OpenAI as Washington weighs broader oversight.
-
vm2 library hit by a dozen critical Node.js sandbox escape flaws
A dozen critical vm2 vulnerabilities disclosed on May 7, 2026 can let attackers escape Node.js sandboxes, run code on the host and bypass allowlists. Fixes are available in vm2 3.11.2 and earlier patch releases.
-
Mirai-based xlabs_v1 botnet targets Android devices with exposed ADB
A Mirai-derived botnet called xlabs_v1 is targeting Android devices with exposed ADB services, using them for DDoS attacks and bandwidth-based profiling, according to a technical analysis from Hunt.io.
-
MuddyWater linked to Microsoft Teams intrusion that used Chaos ransomware branding
A Rapid7 technical analysis says MuddyWater used Microsoft Teams, screen-sharing and remote access tools in an early 2026 intrusion that looked like Chaos ransomware but focused on data theft and persistence.
-
Google expands Android binary transparency to verify apps and modules
Google has expanded Android binary transparency for production apps and Mainline modules released after May 1, 2026, adding a public cryptographic ledger meant to confirm that device software matches what was intended to ship.
-
CloudZ malware used Phone Link to target Windows data, researchers say
Researchers said CloudZ malware used a Pheno plugin to abuse Windows Phone Link on Windows 10 and 11, aiming to steal credentials and one-time passwords in an intrusion active since at least January 2026.
-
Palo Alto says PAN-OS flaw is under active exploitation
Palo Alto Networks said a critical PAN-OS buffer overflow flaw is being exploited in the wild and can let unauthenticated attackers run code with root privileges on exposed firewalls.
