Cristian Luțic
Cristian Luțic is a cybersecurity professional and Editor-in-Chief of iSec.News, with experience in security enablement, risk analysis, and vulnerability reporting. As Editor-in-Chief, he is responsible for editorial standards, source verification, and publication oversight at iSec News.
From professional sports to cybersecurity, his career path may have been unconventional, but it has been driven by the same core values: discipline, perseverance, and a passion for doing meaningful, impactful work.
iSec.News Motto: “Only news, only information security and privacy news. No fluff.”
-
Texas sues TP-Link over alleged deceptive labeling and security risks
Texas sued TP-Link, accusing the company of deceptive “Made in Vietnam” labeling and security failures that allowed state-backed hackers to exploit firmware flaws. The suit seeks monetary penalties and injunctions to force disclosure and change data practices.
-
Intruder accessed France’s FICOBA registry exposing data for 1.2 million accounts
A late January 2026 breach of France’s FICOBA exposed data tied to 1.2 million bank accounts including IBANs and personal details. Banks were alerted and authorities filed a criminal complaint.
-
Massiv Android trojan hides in IPTV droppers to enable device takeover and banking fraud
Researchers published a technical analysis of Massiv, an Android trojan spread as IPTV droppers that enables remote device takeover, screen streaming and overlays to steal banking credentials. Initial campaigns targeted Portugal and Greece in early 2025.
-
CRESCENTHARVEST campaign uses deceptive .LNK files to deploy RAT against Iran protest supporters
CRESCENTHARVEST used RAR archives and deceptive .LNK files to deliver a remote access trojan and data stealer to Farsi speaking supporters of Iran protests. It is not known if any infections succeeded.
-
Critical unauthenticated RCE in Grandstream GXP1600 VoIP phones tracked as CVE-2026-2329
Critical unauthenticated buffer overflow in Grandstream GXP1600 VoIP phones CVE-2026-2329 scores 9.3 and allows unauthenticated remote root execution. A vendor firmware update addresses the flaw.
-
DDoS attack disrupts Deutsche Bahn booking and timetable systems
A Deutsche Bahn blog post said a DDoS attack disrupted bahn.de and the DB Navigator app starting about 1545 UTC on 17 February. Services were restored with limitations by about 1300 UTC on 18 February.
-
Critical flaws found in four Visual Studio Code extensions
Researchers disclosed multiple high severity vulnerabilities in four popular Visual Studio Code extensions with more than 125 million installs. Several flaws remain unpatched and one extension was silently fixed by Microsoft in version 0.4.16.
-
China-linked group exploited Dell RecoverPoint zero-day
Researchers found UNC6201 exploiting a hardcoded-password zero-day in Dell RecoverPoint for VMs since mid-2024, enabling root access. A vendor advisory and patch were issued. The campaign shifted from Brickstorm to a stealthier Grimbolt backdoor.
-
Spanish court orders NordVPN and ProtonVPN to block 16 LaLiga piracy sites
A Spanish court ordered NordVPN and ProtonVPN to block 16 websites used to pirate LaLiga matches in Spain. The precautionary measures apply to a dynamic list of IP addresses and were issued inaudita parte without opportunity for appeal.
-
Notepad++ adds double-lock update verification in 8.9.2 after supply-chain compromise
Notepad++ 8.9.2 adds a double-lock update verification that checks a signed installer and a digitally signed update XML. The change follows a six-month compromise that redirected some updates starting in June 2025.
