Cristian Luțic
Cristian Luțic is a cybersecurity professional and Editor-in-Chief of iSec.News, with experience in security enablement, risk analysis, and vulnerability reporting. As Editor-in-Chief, he is responsible for editorial standards, source verification, and publication oversight at iSec News.
From professional sports to cybersecurity, his career path may have been unconventional, but it has been driven by the same core values: discipline, perseverance, and a passion for doing meaningful, impactful work.
iSec.News Motto: “Only news, only information security and privacy news. No fluff.”
-
Oracle issues emergency fix for critical Identity Manager and Web Services Manager RCE
Oracle issued an out-of-schedule patch for CVE-2026-21992, a critical unauthenticated remote code execution flaw in Identity Manager and Web Services Manager with a CVSS score of 9.8. Customers are urged to patch immediately.
-
Operation Alice shuts down 373,000 fake CSAM dark web sites
Operation Alice, led by Germany, shut down more than 373,000 dark web sites selling fake CSAM packages. About 10,000 buyers paid roughly $400,000 and investigators seized 287 servers, including 105 in Germany.
-
Critical Langflow RCE CVE-2026-33017 Exploited Within 20 Hours of Disclosure
A critical unauthenticated RCE in Langflow, CVE-2026-33017 (CVSS 9.3), was disclosed on March 17, 2026 and exploited within 20 hours. Users should apply patches, rotate secrets and restrict network access to public instances.
-
Denver crosswalk audio units broadcast anti-Trump message after default credentials used
Two crosswalk audio units on East Colfax Avenue in Denver played an anti-Trump message in March 2026. Local reporting links the access to factory-default credentials. Passwords were changed and police are investigating.
-
Authorities disrupt command servers for IoT botnets behind record DDoS attacks
U.S. authorities disrupted command servers for multiple IoT botnets on Thursday, targeting networks that infected at least 3 million devices and launched DDoS attacks peaking near 30 terabits per second.
-
Apple warns older iPhones vulnerable to web-based exploit kits
Apple warned in a support document that exploit kits Coruna and DarkSword can steal data from outdated iPhones via malicious websites. Users should install listed security updates or enable Lockdown Mode if updates are not possible.
-
Navia discloses data breach affecting nearly 2.7 million people
A U.S. benefits administrator reported a breach exposing personal data for nearly 2.7 million people after systems were accessed between December 22, 2025 and January 15, 2026. Affected people are being offered free identity monitoring.
-
Speagle malware hijacks Cobra DocGuard to hide data exfiltration
A technical analysis reported a new infostealer named Speagle that hijacks Cobra DocGuard servers to hide data exfiltration. The 32-bit .NET malware targets only systems with Cobra DocGuard installed and remains unattributed.
-
PolyShell flaw enables unauthenticated RCE and account takeover in Magento 2 stores
PolyShell affects Magento Open Source and Adobe Commerce version 2 installations, enabling unauthenticated code execution and stored XSS. Adobe published a fix only in a 2.4.9 alpha release while production versions remain vulnerable.
-
Critical Telnet flaw allows pre-auth remote code execution as root
A Dream Security advisory disclosed CVE-2026-32746, a CVSS 9.8 buffer overflow in GNU inetutils telnetd that allows unauthenticated remote code execution as root. Maintainers were notified on March 11 and a patch was prepared the next day.
