Cristian Luțic
Cristian Luțic is a cybersecurity professional and Editor-in-Chief of iSec.News, with experience in security enablement, risk analysis, and vulnerability reporting. As Editor-in-Chief, he is responsible for editorial standards, source verification, and publication oversight at iSec News.
From professional sports to cybersecurity, his career path may have been unconventional, but it has been driven by the same core values: discipline, perseverance, and a passion for doing meaningful, impactful work.
iSec.News Motto: “Only news, only information security and privacy news. No fluff.”
-
New Showboat Linux malware targeted telecom provider in Middle East, researchers say
Researchers say Showboat, a new Linux malware family, has targeted a telecommunications provider in the Middle East since at least mid-2022. The campaign also involved victims in Afghanistan, Azerbaijan, the United States and Ukraine.
-
Microsoft says two Defender flaws are under active exploitation
Microsoft said two Defender vulnerabilities, including one that could lead to SYSTEM privileges, are under active exploitation. CISA has added both flaws to its known exploited list and set a June 3 deadline for federal agencies.
-
Nine-year-old Linux kernel flaw can expose credentials and enable root access
Researchers disclosed a Linux kernel flaw that went unnoticed for nine years and could let a local attacker steal sensitive files or gain root access on some major distributions. Patches are available and a temporary workaround has also been outlined.
-
Ukraine says it identified 18-year-old suspect in infostealer case tied to 28,000 accounts
Ukraine said it identified an 18-year-old suspect in Odesa in an infostealer case tied to 28,000 customer accounts, with 5,800 used for unauthorized purchases totaling about $721,000.
-
Hackers bypass SonicWall VPN MFA after incomplete patching
Threat actors bypassed MFA on SonicWall Gen6 SSL-VPN appliances in attacks between February and March, exploiting a flaw that stayed open on devices that were updated but not fully remediated, according to a ReliaQuest analysis.
-
Webworm adds Discord and Microsoft Graph backdoors in new 2025 campaign
Webworm used new backdoors in 2025 that relied on Discord and Microsoft Graph API for command and control, according to an ESET technical analysis. The group also expanded its proxy tools and targeted government and enterprise networks in Asia and Europe.
-
Drupal warns of critical security update later today
Drupal plans a core security update later today and warned that exploits could follow within hours. The advisory affects core versions 8 and later, with fixes planned for supported releases and hotfixes for some older branches.
-
GitHub investigates claim of internal repository theft after TeamPCP listing
GitHub said it is investigating unauthorized access to internal repositories after TeamPCP claimed it was selling source code and internal data. The company said it has no evidence of customer impact outside internal repositories.
-
Microsoft disrupts malware-signing service tied to ransomware groups
Microsoft said it disrupted a malware-signing service that abused its Artifact Signing platform to issue more than 1,000 fraudulent certificates used by ransomware gangs and other cybercriminals.
-
CISA left GitHub repo with passwords and keys exposed for six months
CISA left a public GitHub repository exposed for six months, revealing passwords, keys and tokens in production infrastructure files. GitGuardian found the leak on May 14 and the agency removed the repo the next day.
