Cristian Luțic

Cristian Luțic is a cybersecurity professional and Editor-in-Chief of iSec.News, with experience in security enablement, risk analysis, and vulnerability reporting. As Editor-in-Chief, he is responsible for editorial standards, source verification, and publication oversight at iSec.News.
From professional sports to cybersecurity, his career path may have been unconventional, but it has been driven by the same core values: discipline, perseverance, and a passion for doing meaningful, impactful work.
iSec.News Motto: “Only news, only information security and privacy news. No fluff.”
-
ShinyHunters posts 12.4 million records alleged to be from CarGurus
A 6.1GB archive claiming 12.4 million CarGurus records was posted by ShinyHunters on February 21. A Have I Been Pwned breach listing says about 3.7 million records appear to be new.
-
Lazarus Group uses Medusa ransomware in Middle East attack
A technical report by Broadcom’s Symantec and Carbon Black Threat Hunter Team says that the Lazarus Group used Medusa ransomware in a Middle East attack and attempted an unsuccessful strike against a U.S. healthcare organization.
-
UnsolicitedBooker uses LuciDoor and MarsSnake to target Central Asian telecoms
UnsolicitedBooker deployed LuciDoor and MarsSnake backdoors against telecom companies in Kyrgyzstan and Tajikistan using phishing and multiple loaders between September 2025 and January 2026.
-
Anthropic reports three firms used 24,000 fake accounts to extract Claude in over 16 million exchanges
Anthropic reported that three China-based AI firms used about 24,000 fraudulent accounts to run distillation campaigns against Claude that produced over 16 million exchanges targeting reasoning, coding and tool-use capabilities.
-
AI-assisted actor exploits weak FortiGate management to compromise over 600 devices
A technical report by Amazon Integrated Security says a Russian-speaking actor used commercial generative AI to compromise more than 600 FortiGate firewalls across 55-plus countries by exploiting exposed management ports and weak credentials.
-
Security analysis finds vulnerabilities in popular mental health apps on Google Play
A technical analysis by Oversecured found vulnerabilities in popular Android mental health apps that can expose conversation histories and mood data. Affected apps have tens of millions of combined downloads and the flaws remain unpatched.
-
APT28 targets Western and Central Europe with document beacons and webhook exfiltration
APT28 ran Operation MacroMaze from September 2025 to January 2026 targeting Western and Central Europe, using spear-phishing documents that beacon to webhook hosts and exfiltrate command output through browser-based HTML forms.
-
Polish police dismantle Facebook phishing ring that seized more than 100,000 logins
Polish cybercrime officers dismantled a phishing ring that seized Facebook accounts and BLIK codes. Investigators identified 11 members, seized over 100,000 logins and passwords, and more than 400 charges have been filed.
-
Pirated software lure spreads wormable XMRig miner that uses BYOVD to boost hashrate
Trellix reported a cryptojacking campaign that used pirated software bundles to deliver a wormable XMRig miner on Windows hosts. The malware uses a vulnerable driver to raise mining hashrate and spread via removable media during November and early December 2025.
-
Arkanix Stealer MaaS advertised on forums targeted 22 browsers and crypto wallets
A Kaspersky analysis found Arkanix Stealer marketed in October 2025 as malware-as-a-service. The campaign used Python and native loaders to harvest data from 22 browsers, gaming clients and crypto wallets before the panel was taken down.








