Cristian Luțic
Cristian Luțic is a cybersecurity professional and Editor-in-Chief of iSec.News, with experience in security enablement, risk analysis, and vulnerability reporting. As Editor-in-Chief, he is responsible for editorial standards, source verification, and publication oversight at iSec News.
From professional sports to cybersecurity, his career path may have been unconventional, but it has been driven by the same core values: discipline, perseverance, and a passion for doing meaningful, impactful work.
iSec.News Motto: “Only news, only information security and privacy news. No fluff.”
-
SecurityScorecard: 135,000 plus internet-exposed OpenClaw instances found
SecurityScorecard’s STRIKE team found more than 135,000 internet-exposed OpenClaw instances and tens of thousands vulnerable to a known RCE bug. Users are urged to restrict network bindings and limit agent access.
-
Ivanti EPMM zero-days exploited in breach affecting Dutch data protection authority
A letter to the Dutch parliament said attackers exploited Ivanti EPMM vulnerabilities on 29 January, causing a breach that affected employees at the Dutch Data Protection Authority and the Council for the Judiciary with contact details possibly exposed.
-
DKnife targets network gateways in long-running AitM campaign
DKnife is a modular adversary-in-the-middle framework that has operated on network gateways since at least 2019. It inspects and manipulates traffic to hijack updates and deliver malware to downstream devices.
-
Bloody Wolf campaign installs NetSupport RAT in Uzbekistan and Russia
A spear-phishing campaign installed NetSupport RAT on about 50 devices in Uzbekistan and 10 in Russia using PDF-based loaders that enforce install limits and set persistent autorun scripts while Mirai payloads were staged.
-
Worm-driven TeamPCP campaign compromises cloud native infrastructure at scale
A worm-driven campaign by TeamPCP exploited exposed Docker, Kubernetes, Ray and React vulnerabilities around Dec 25, 2025 to build proxy and scanning infrastructure for data theft, extortion and cryptocurrency mining, researchers report.
-
European Commission discloses breach of mobile device management platform
The European Commission detected a cyber-attack on its mobile device management system on January 30 that may have exposed staff names and mobile numbers. The system was cleaned within nine hours and investigations are under way.
-
BeyondTrust patches critical pre-auth RCE in Remote Support and Privileged Remote Access
BeyondTrust released patches for CVE-2026-1731, a critical pre-auth remote code execution flaw affecting Remote Support and older Privileged Remote Access versions. Self-hosted instances must apply updates or upgrade to reach patchable releases.
-
Spain Ministry of Science partially shuts electronic services after technical incident
A technical incident prompted a partial shutdown of Spain’s Ministry of Science electronic headquarters, suspending administrative procedures. A threat actor claims an IDOR exploit and leaked data samples, while the ministry says the closure is under assessment.
-
Sapienza University offline after cyberattack disrupts campus systems
Sapienza University in Rome shut down network systems after a cyberattack, taking its website offline and disrupting services for more than 112,500 students as technicians and national authorities work to restore systems.
-
Romanian oil pipeline operator reports cyberattack that took website offline
Conpet reported a cyberattack that disrupted its corporate IT systems and disabled its website on Tuesday. Operational technology remained unaffected and authorities were notified. A ransomware group using the Qilin name posted files presented as proof.
