Cristian Luțic
Cristian Luțic is a cybersecurity professional and Editor-in-Chief of iSec.News, with experience in security enablement, risk analysis, and vulnerability reporting. As Editor-in-Chief, he is responsible for editorial standards, source verification, and publication oversight at iSec News.
From professional sports to cybersecurity, his career path may have been unconventional, but it has been driven by the same core values: discipline, perseverance, and a passion for doing meaningful, impactful work.
iSec.News Motto: “Only news, only information security and privacy news. No fluff.”
-
US agencies warn of Iranian-linked attacks on internet-facing PLCs
US agencies warned that Iran-linked hackers are targeting internet-facing PLCs in critical infrastructure, including water and energy systems, and have caused display manipulation, device disruption and financial loss in some cases.
-
Hackers exploit critical Ninja Forms WordPress flaw, Wordfence says
Hackers are exploiting a critical flaw in the Ninja Forms File Uploads WordPress add-on that can allow arbitrary file uploads and remote code execution. Wordfence said it blocked more than 3,600 attacks in 24 hours, and the vendor has released a fix.
-
Docker flaw lets attackers bypass authorization plugins in some setups
Docker disclosed a high-severity flaw in Engine that could let attackers bypass authorization plugins in some setups. The issue, tracked as CVE-2026-34040, was patched in version 29.3.1 and linked to an incomplete fix for an earlier bug.
-
APT28 linked to router hijacking campaign that affected 200 organizations
APT28 has been linked to a campaign that hijacked insecure routers to redirect DNS traffic and steal credentials. The operation affected more than 200 organizations and 5,000 consumer devices, according to Microsoft.
-
Over 1,000 exposed ComfyUI instances targeted in crypto mining botnet campaign
A Censys technical analysis says more than 1,000 exposed ComfyUI instances are being scanned and infected in a campaign that installs crypto miners, a proxy botnet and persistence tools through unsafe custom nodes.
-
Grafana AI flaw could expose enterprise data in zero-click attack
Researchers say a critical Grafana flaw could let attackers use AI-powered dashboards to exfiltrate sensitive data without authentication. Grafana reportedly validated the issue and released a fix after disclosure by Noma Security.
-
GPUBreach attack can turn GPU Rowhammer bit flips into system takeover
Researchers at the University of Toronto say a new GPUBreach attack can use Rowhammer bit flips in GDDR6 GPU memory to corrupt page tables, gain GPU read and write access and potentially reach full system compromise.
-
Flowise flaw under active exploitation after critical code injection report
Threat actors are exploiting a critical Flowise code injection flaw, according to a technical analysis from VulnCheck. The issue can lead to remote code execution, and Flowise fixed it in version 3.0.6.
-
Iran-Linked Password-Spraying Campaign Hits Microsoft 365 Accounts in Middle East
An Iran-linked threat actor is suspected of targeting Microsoft 365 accounts in Israel and the United Arab Emirates in March 2026, affecting more than 300 organizations in Israel and over 25 in the U.A.E. across three attack waves.
-
DPRK-linked hackers use GitHub as command hub in South Korea attacks
DPRK-linked hackers used GitHub as command and control infrastructure in attacks on South Korean organizations, Fortinet said. The campaigns relied on LNK files, PowerShell, persistence tasks and trusted cloud services to hide activity.
