Cristian Luțic
Cristian Luțic is a cybersecurity professional and Editor-in-Chief of iSec.News, with experience in security enablement, risk analysis, and vulnerability reporting. As Editor-in-Chief, he is responsible for editorial standards, source verification, and publication oversight at iSec News.
From professional sports to cybersecurity, his career path may have been unconventional, but it has been driven by the same core values: discipline, perseverance, and a passion for doing meaningful, impactful work.
iSec.News Motto: “Only news, only information security and privacy news. No fluff.”
-
Vercel says breach linked to third-party AI tool exposed limited customer credentials
Vercel said a breach tied to a third-party AI tool exposed access to some internal systems and affected a limited subset of customers. The company said sensitive environment variables were not known to be accessed and urged credential rotation.
-
Critical protobuf.js flaw enables JavaScript code execution
A critical flaw in protobuf.js can let attackers execute JavaScript code through malicious schemas, with a proof-of-concept now public. The issue affects versions 8.0.0 and 7.5.4 and earlier, and patched releases are available.
-
Mirai variant Nexcorium targets TBK DVRs and outdated TP-Link routers
Threat actors are exploiting flaws in TBK DVR devices and unsupported TP-Link routers to spread a Mirai variant called Nexcorium, according to a Fortinet technical analysis and a Unit 42 disclosure. The malware adds persistence, brute-force and DDoS functions.
-
Global police seize 53 domains in DDoS-for-hire crackdown
Police in 21 countries seized 53 domains and arrested four people in Operation PowerOFF, a crackdown on DDoS-for-hire services used by more than 75,000 cybercriminals and tied to databases with over 3 million accounts.
-
CISA adds Apache ActiveMQ flaw CVE-2026-34197 to exploited list
CISA says a high-severity Apache ActiveMQ Classic flaw, CVE-2026-34197, is being exploited in the wild. The agency added it to its Known Exploited Vulnerabilities catalog and ordered federal fixes by April 30.
-
Researchers spot PowMix botnet targeting Czech workers
Researchers said the PowMix botnet has targeted workers in the Czech Republic since at least December 2025. The malware uses phishing-style ZIP files, in-memory execution and jittered command traffic to avoid detection.
-
Obsidian plugin abuse delivers new Windows backdoor in targeted campaign
Attackers abused Obsidian community plugins to deploy a new Windows backdoor in a targeted campaign against finance and cryptocurrency users. The intrusion was blocked, but the method showed how trusted app features can be used for code execution.
-
Ukraine warns of campaign targeting clinics with malware that steals browser and WhatsApp data
Ukraine’s CERT-UA said a March to April 2026 campaign targeted clinics, hospitals and some government bodies with malware that could steal browser and WhatsApp data, using phishing emails, LNK files and HTA loaders.
-
WordPress plugin suite hacked to push malware to thousands of sites
More than 30 WordPress plugins in the EssentialPlugin package were compromised with malicious code, affecting hundreds of thousands of installations. The malware could push spam pages and redirects, and WordPress.org issued a forced update.
-
Critical nginx-ui flaw under active exploitation, researchers say
A critical nginx-ui flaw tracked as CVE-2026-33032 is under active exploitation, with researchers warning that attackers can take over Nginx service on exposed systems in just two requests.
