Cristian Luțic
Cristian Luțic is a cybersecurity professional and Editor-in-Chief of iSec.News, with experience in security enablement, risk analysis, and vulnerability reporting. As Editor-in-Chief, he is responsible for editorial standards, source verification, and publication oversight at iSec News.
From professional sports to cybersecurity, his career path may have been unconventional, but it has been driven by the same core values: discipline, perseverance, and a passion for doing meaningful, impactful work.
iSec.News Motto: “Only news, only information security and privacy news. No fluff.”
-
Startup Delve accused of supplying fake compliance evidence to customers
An anonymous Substack post accuses Delve of supplying fabricated compliance evidence to hundreds of customers, potentially exposing them to HIPAA criminal liability and GDPR fines. The company posted a blog response calling its product an automation platform.
-
China-linked group embeds stealthy kernel backdoors in telecom networks, Rapid7 says
Security firm Rapid7 reported that a China-linked threat cluster known as Red Menshen has embedded kernel-level implants and stealthy backdoors such as BPFDoor inside telecommunications networks to gather intelligence while evading conventional detection.
-
UK sanctions Xinbi marketplace linked to Southeast Asian scam centres
The U.K. has sanctioned Xinbi, a Chinese-language marketplace accused of selling stolen data and cryptocurrency services to scam centres in Southeast Asia, and targeted the operators of a large scam compound known as #8 Park, as part of efforts to disrupt crypto-based money laundering and large-scale investment fraud.
-
Phishing campaign targets TikTok for Business accounts with bot-blocking pages
A phishing campaign is targeting TikTok for Business accounts with bot-blocking pages that redirect through Google Storage and use a Cloudflare Turnstile check, then present fake login pages designed to capture credentials and session cookies.
-
Researchers find flaw that could let websites inject prompts into Anthropic’s Claude Chrome extension
Researchers disclosed a flaw called ShadowPrompt in Anthropic’s Claude Chrome extension that combined an overly permissive origin allowlist and a DOM-based XSS in an Arkose Labs CAPTCHA, allowing websites to inject prompts; Anthropic and Arkose issued fixes in December 2025 and February 2026.
-
Kaspersky links Coruna iOS exploit framework to Operation Triangulation, finds expanded targets
Kaspersky researchers say the Coruna exploit framework is an updated successor to the Operation Triangulation toolkit, adding support for A17 and M3 chips and iOS up to 17.2, and that its components include multiple exploit chains used in both espionage and financially motivated attacks.
-
Armenian Extradited to U.S. on Charges of Helping Run RedLine Infostealer
Hambardzum Minasyan, an Armenian national, was extradited to the U.S. and charged with helping manage the RedLine infostealer operation by registering servers, domains and a cryptocurrency account used for affiliate payments; he faces federal counts that carry up to 30 years in prison.
-
VoidStealer uses debugger trick to extract Chrome master key, researchers say
VoidStealer, a malware-as-a-service, uses a debugger-based method that leverages hardware breakpoints to extract Chrome’s v20_master_key from memory, researchers at Gen Digital reported.
-
CanisterWorm self propagates in npm after Trivy supply chain compromise
A self propagating worm called CanisterWorm followed a Trivy supply chain compromise to infect 47 npm packages. The worm uses an ICP canister dead drop and stolen npm tokens to publish malicious package versions.
-
Oracle issues emergency fix for critical Identity Manager and Web Services Manager RCE
Oracle issued an out-of-schedule patch for CVE-2026-21992, a critical unauthenticated remote code execution flaw in Identity Manager and Web Services Manager with a CVSS score of 9.8. Customers are urged to patch immediately.
