Cristian Luțic
Cristian Luțic is a cybersecurity professional and Editor-in-Chief of iSec.News, with experience in security enablement, risk analysis, and vulnerability reporting. As Editor-in-Chief, he is responsible for editorial standards, source verification, and publication oversight at iSec News.
From professional sports to cybersecurity, his career path may have been unconventional, but it has been driven by the same core values: discipline, perseverance, and a passion for doing meaningful, impactful work.
iSec.News Motto: “Only news, only information security and privacy news. No fluff.”
-
Security Flaw in McDonald’s AI Hiring Tool Exposes Personal Data of 64 Million Job Seekers
A security flaw in McDonald’s AI hiring tool, McHire, has led to the exposure of personal data for over 64 million job seekers. Researchers discovered that default credentials and an Insecure Direct Object Reference vulnerability allowed unauthorized access to sensitive information.
-
Nippon Steel Solutions Reports Data Breach Amid Cybersecurity Investigation
Nippon Steel Solutions has reported a data breach following a zero-day vulnerability exploitation, impacting customer and employee data. The company is investigating the incident while implementing stricter security measures.
-
Major Security Flaw Exposes Billions of eSIM Devices to Spy Attacks
A new study reveals critical vulnerabilities in eSIM technology, affecting billions of devices worldwide. Security expert Adam Gowdiak warns that these flaws could allow attackers to spy on users and manipulate services, raising concerns over the potential for espionage and unauthorized access to sensitive information.
-
Critical Remote Code Execution Vulnerability Discovered in mcp-remote Project
A critical vulnerability in the mcp-remote project could allow hackers to execute arbitrary operating system commands, prompting updates and stronger security practices for users.
-
Vulnerabilities in Bluetooth Technology Threaten Major Automakers
Recent vulnerabilities discovered in the BlueSDK Bluetooth stack pose critical security risks for major automakers, with potential for remote code execution and unauthorized access to vehicle systems.
-
New macOS Malware ZuRu Discovered Targeting Users Through Legitimate Software
Security researchers have identified a new macOS malware called ZuRu, which propagates via trojanized versions of legitimate software such as Termius. Discovered by SentinelOne, the malware adapts techniques to target users seeking trusted apps, reflecting an opportunistic threat landscape for macOS users.
-
AMD Issues Warning on New Transient Scheduler Vulnerabilities in Chipsets
AMD has issued a warning regarding new vulnerabilities termed Transient Scheduler Attacks (TSA) that could expose sensitive data across its chipsets, necessitating immediate attention and remedial updates.
-
New Espionage Group Exploits Microsoft Exchange Zero-Day Vulnerability to Target Chinese High-Tech Industries
A report reveals that the NightEagle Group, an advanced persistent threat, has exploited a zero-day vulnerability in Microsoft Exchange to extract intelligence from Chinese military and tech firms, raising concerns about cyber espionage and the implications for national security.
-
New Vulnerability in ServiceNow Exposes Sensitive Data to Low-Privileged Users
A newly identified vulnerability in ServiceNow, known as Count(er) Strike, allows low-privileged users to access sensitive data improperly, prompting urgent calls for enhanced security measures from enterprises using the platform.
-
DoNot APT Expands Cyber Espionage Attacks in Europe
Recent cyber espionage activities attributed to the DoNot APT group highlight an alarming expansion of their operations targeting European foreign affairs ministries and other government entities, utilizing sophisticated malware to harvest sensitive information.
