Cristian Luțic

Cristian Luțic is a cybersecurity professional and Editor-in-Chief of iSec.News, with experience in security enablement, risk analysis, and vulnerability reporting. As Editor-in-Chief, he is responsible for editorial standards, source verification, and publication oversight at iSec.News.
From professional sports to cybersecurity, his career path may have been unconventional, but it has been driven by the same core values: discipline, perseverance, and a passion for doing meaningful, impactful work.
iSec.News Motto: “Only news, only information security and privacy news. No fluff.”
-
U.S. to Withdraw From Several International Cybersecurity Organizations
The White House announced the U.S. will withdraw from 66 international organizations, including several that work on cybersecurity, prompting critics to warn of weakened multinational coordination on cyber defenses and online rights.
-
Cisco issues updates for ISE XML parsing flaw CVE-2026-20029 and Snort 3 bugs
Cisco issued updates on Jan 8, 2026 to fix CVE-2026-20029, a medium-severity XML parsing flaw in Identity Services Engine that has a public proof of concept. The company also patched two Snort 3 DCE/RPC vulnerabilities.
-
Black Cat uses SEO poisoning to distribute backdoor, compromises about 277,800 hosts in China
A CNCERT/CC and ThreatBook technical analysis links the Black Cat gang to an SEO poisoning campaign that pushed fake software downloads and implanted a backdoor, compromising about 277,800 hosts in China between December 7 and 20, 2025.
-
ownCloud urges users to enable MFA after credential theft reports
ownCloud urged users to enable multi-factor authentication after attackers used credentials stolen by infostealer malware to access self-hosted file sharing instances. The advisory recommends MFA, password resets, session invalidation, and log review.
-
Phishing actors spoof internal addresses by abusing complex email routing, Microsoft warns
Microsoft warned that phishing actors exploit complex mail routing and misconfigured spoof protections to send emails appearing internal, and that more than 13 million messages tied to the Tycoon 2FA kit were blocked in October 2025.
-
Command injection in legacy D-Link DSL routers tracked as CVE-2026-0625 and actively exploited
A security advisory warns of an active command injection vulnerability, CVE-2026-0625, in several end-of-life D-Link DSL routers. Vendors recommend retiring affected models and replacing them with supported devices.
-
Two Chrome extensions exfiltrated ChatGPT and DeepSeek conversations from 900,000 users
A technical analysis by OX Security found two malicious Chrome extensions that collected ChatGPT and DeepSeek conversations and tab URLs from about 900,000 users and sent the data to external servers on a regular schedule.
-
Unpatched TOTOLINK EX200 firmware flaw can start unauthenticated root telnet
A CERT/CC advisory disclosed CVE-2025-65606 in the TOTOLINK EX200 that can trigger an unauthenticated root telnet service. The vendor has not issued a patch and the product appears unsupported.
-
PHALT#BLYX campaign uses fake Booking emails and BSoD lures to deliver DCRat
PHALT#BLYX used fake Booking.com reservation emails and a bogus blue screen lure in late December 2025 to deliver the DCRat remote access trojan to European hospitality systems.
-
Palo Alto Networks in talks to buy Israeli cybersecurity startup Koi for about $400 million
Palo Alto Networks is reported to be in talks to buy Israeli startup Koi for about $400 million. Koi, founded in 2024 and backed with $48 million, offers an AI-driven supply chain security platform that protects over 500,000 endpoints.








