Cristian Luțic
Cristian Luțic is a cybersecurity professional and Editor-in-Chief of iSec.News, with experience in security enablement, risk analysis, and vulnerability reporting. As Editor-in-Chief, he is responsible for editorial standards, source verification, and publication oversight at iSec News.
From professional sports to cybersecurity, his career path may have been unconventional, but it has been driven by the same core values: discipline, perseverance, and a passion for doing meaningful, impactful work.
iSec.News Motto: “Only news, only information security and privacy news. No fluff.”
-
Palo Alto Networks in talks to buy Israeli cybersecurity startup Koi for about $400 million
Palo Alto Networks is reported to be in talks to buy Israeli startup Koi for about $400 million. Koi, founded in 2024 and backed with $48 million, offers an AI driven supply chain security platform that protects over 500,000 endpoints.
-
Cisco in advanced talks to buy Axonius for $2 billions
Cisco is in advanced talks to acquire Israeli cybersecurity firm Axonius for $2 billion, according to a Calcalist report. Axonius was previously valued at $2.6 billion and has raised about $700 million.
-
Cyber incident forces two day closure at Warwickshire school
A cyber incident shut down IT at Higham Lane School in Nuneaton, cutting phones, email and servers and forcing a two day closure. Recovery work involves a Department for Education response team and trust IT experts.
-
UK launches Government Cyber Action Plan with £210 million pledge
The UK launched a Government Cyber Action Plan with a £210 million pledge to create a Government Cyber Unit and new cyber profession while aligning departments with critical infrastructure security requirements to strengthen public sector defences.
-
Critical path traversal in @adonisjs/bodyparser allows arbitrary file writes
A critical path traversal in the @adonisjs/bodyparser npm package tracked as CVE-2026-21440 with CVSS 9.2 can permit arbitrary file writes. Patches are available in versions 10.1.2 and 11.0.0-next.6
-
Critical n8n flaw CVE-2025-68668 allows authenticated command execution on host
A critical sandbox bypass in the n8n Python Code Node, tracked as CVE-2025-68668 and rated CVSS 9.9, allows authenticated workflow authors to execute OS commands on hosts. The issue is fixed in n8n 2.0.0.
-
Internet outage in Caracas coincided with U.S. cyber effects as forces entered Venezuela
NetBlocks reported a loss of internet connectivity in Caracas during early Saturday power cuts as U.S. Cyber Command and Space Command layered cyber effects to create a pathway for U.S. forces entering Venezuela. PDVSA said no facilities were damaged.
-
AI agents flagged as new insider threat in 2026 by Palo Alto report
A Palo Alto Networks predictions report warns AI agents are a new insider threat in 2026 as Gartner forecasts 40 percent of enterprise apps will adopt task specific agents. The report highlights privilege risk, prompt injection and defensive uses.
-
New Python stealer called VVS Stealer harvests Discord tokens and browser data
VVS Stealer is a Python based information stealer that harvests Discord tokens and browser data. A Unit 42 technical analysis found it is Pyarmor obfuscated and offered for sale on Telegram from April 2025.
-
Kimwolf botnet infects more than 2 million devices by tunneling through residential proxy networks
A technical analysis by Synthient found the Kimwolf botnet has infected over 2 million devices by tunneling through residential proxy services into home networks. Many infections involve inexpensive Android TV boxes and digital photo frames with insecure defaults.
