Cristian Luțic
Cristian Luțic is a cybersecurity professional and Editor-in-Chief of iSec.News, with experience in security enablement, risk analysis, and vulnerability reporting. As Editor-in-Chief, he is responsible for editorial standards, source verification, and publication oversight at iSec News.
From professional sports to cybersecurity, his career path may have been unconventional, but it has been driven by the same core values: discipline, perseverance, and a passion for doing meaningful, impactful work.
iSec.News Motto: “Only news, only information security and privacy news. No fluff.”
-
Malicious npm packages spread self-propagating worm through stolen developer tokens
Researchers found a self-propagating npm supply chain worm in April 2026 that stole developer secrets, reused npm tokens to publish poisoned packages and also included PyPI propagation logic.
-
Mirai campaign targets unpatched D-Link router flaw
A Mirai-based malware campaign is exploiting CVE-2025-29635 in end-of-life D-Link DIR-823X routers, according to Akamai. The attacks download a shell script that installs botnet malware and also target other router flaws.
-
Harvester deploys Linux version of GoGra backdoor in South Asia targeting campaign
Harvester has deployed a Linux version of its GoGra backdoor in attacks likely aimed at South Asia, using Microsoft cloud email services as a covert control channel, according to a technical analysis by Symantec and Carbon Black Threat Hunter Team.
-
Researchers find Lotus Wiper targeting Venezuela’s energy and utilities sector
Researchers said a new wiper called Lotus Wiper hit Venezuela’s energy and utilities sector in late 2025 and early 2026, erasing recovery options and using Windows tools to destroy data across infected systems.
-
Microsoft patches critical ASP.NET Core flaw that could enable privilege escalation
Microsoft has issued an out-of-band fix for a critical ASP.NET Core vulnerability, CVE-2026-40372, that could let attackers elevate privileges and forge protected payloads under specific conditions.
-
Mustang Panda-linked LOTUSLITE variant targets India banking sector
A new LOTUSLITE malware variant has been spotted in a campaign aimed at India’s banking sector, with related lures also tied to South Korean and U.S. policy communities.
-
Cohere AI Terrarium sandbox flaw can let attackers run code as root
A critical flaw in Cohere AI’s Terrarium Python sandbox could allow arbitrary code execution as root, with CERT/CC warning that the bug may let attackers escape the sandbox and reach host or container resources.
-
French government agency confirms data breach after hacker claims 19 million records
France Titres, the French agency that issues identity and registration documents, said a security incident may have exposed account data. A hacker later claimed to be selling up to 19 million records.
-
SystemBC C2 server tied to The Gentlemen exposes 1,570 victims
Check Point Research said a SystemBC command-and-control server linked to The Gentlemen ransomware operation exposed more than 1,570 victims worldwide, underscoring how proxy malware can support larger intrusion campaigns.
-
NGate malware campaign targets Brazil through trojanized HandyPay app
Researchers found a new NGate Android malware campaign targeting Brazil since around November 2025. The trojanized HandyPay app can relay NFC payment data, capture PINs and help thieves carry out fraudulent ATM withdrawals.
