Cristian Luțic

Cristian Luțic is a cybersecurity professional and Editor-in-Chief of iSec.News, with experience in security enablement, risk analysis, and vulnerability reporting. As Editor-in-Chief, he is responsible for editorial standards, source verification, and publication oversight at iSec.News.
From professional sports to cybersecurity, his career path may have been unconventional, but it has been driven by the same core values: discipline, perseverance, and a passion for doing meaningful, impactful work.
iSec.News Motto: “Only news, only information security and privacy news. No fluff.”
-
Microsoft patches SharePoint flaw that could let authenticated attackers run code
Microsoft has patched a SharePoint remote code execution flaw tracked as CVE-2026-45659, saying an authenticated attacker with Site Member access could exploit it. The update covers several SharePoint Server versions.
-
Iran-linked hackers use new MiniFast backdoor in campaign across U.S., Europe and Middle East
Iran-linked hackers used a new MiniFast backdoor in a campaign targeting aviation and software sectors across several regions, according to a technical analysis. The activity also involved fake job lures, trojanized installers and search engine poisoning.
-
KnowledgeDeliver flaw used in zero-day attacks to deploy Godzilla web shell
A zero-day flaw in Digital Knowledge’s KnowledgeDeliver learning management system was used to deploy the Godzilla web shell and later Cobalt Strike Beacon. The issue stemmed from hard-coded ASP.NET machine keys and affected deployments before Feb. 24, 2026.
-
Anthropic may be preparing public rollout of restricted Claude Mythos model
Anthropic appears to be preparing a public rollout of its restricted Claude Mythos model after it briefly surfaced in Claude Code and Claude Security, following an April preview that said it could generate highly capable cyberattacks.
-
Lazarus Group Uses Memory-Only RemotePE Malware Against Crypto Firms
Researchers say Lazarus Group has used the RemotePE malware family against financial and cryptocurrency targets. The in-memory trojan leaves little forensic evidence and was linked to a multi-stage attack chain with several loaders.
-
TrapDoor supply chain attack spreads across npm, PyPI and Crates.io
A coordinated supply chain campaign has spread malicious packages across npm, PyPI and Crates.io, targeting developers with code that steals credentials, wallets, SSH keys and cloud secrets.
-
Ghost CMS flaw exploited in large-scale ClickFix campaign
A campaign is using a critical Ghost CMS SQL injection flaw to inject malicious JavaScript and drive ClickFix attacks, with researchers saying more than 700 domains were affected.
-
CISA adds exploited Langflow and Trend Micro flaws to vulnerability catalog
CISA added exploited flaws in Langflow and Trend Micro Apex One to its Known Exploited Vulnerabilities catalog on Thursday, citing active attacks. Federal civilian agencies must patch the issues by June 4, 2026.
-
Cisco patches maximum-severity flaw in Secure Workload
Cisco has patched a CVSS 10.0 flaw in Secure Workload that could let an unauthenticated remote attacker read sensitive data and make configuration changes. The company said it found the bug during internal testing and has seen no signs of abuse.
-
Europol says it took down First VPN in cybercrime crackdown
European authorities shut down First VPN, a service used by cybercriminals to hide activity, and arrested the alleged administrator in Ukraine, Europol said. Officials also seized servers and domains and identified thousands of users linked to crime.







