Cristian Luțic

Cristian Luțic is a cybersecurity professional and Editor-in-Chief of iSec.News, with experience in security enablement, risk analysis, and vulnerability reporting. As Editor-in-Chief, he is responsible for editorial standards, source verification, and publication oversight at iSec.News.
From professional sports to cybersecurity, his career path may have been unconventional, but it has been driven by the same core values: discipline, perseverance, and a passion for doing meaningful, impactful work.
iSec.News Motto: “Only news, only information security and privacy news. No fluff.”
-
UEFI firmware flaw leaves early-boot DMA protections uninitialized on multiple motherboards
A firmware flaw affecting ASRock, ASUS, GIGABYTE and MSI motherboards can leave IOMMU uninitialized during early boot, allowing DMA-capable PCIe devices with physical access to read or modify system memory; four CVEs have been assigned and vendors have released firmware updates.
-
University of Sydney says coding repository breach exposed personal data of more than 27,000
The University of Sydney said an online coding repository was breached, exposing files with personal information for more than 27,000 current and former staff and students. The university blocked access, notified regulators, began notifying affected people and set up support services, but said there was no evidence the data has been published or misused.
-
HPE fixes critical OneView flaw rated CVSS 10.0 that allows remote code execution
Hewlett Packard Enterprise has fixed a CVSS 10.0 vulnerability in OneView (CVE-2025-37164) that could allow unauthenticated remote code execution; patches (version 11.00 and hotfixes for earlier releases) are available and should be applied promptly.
-
France detains Latvian crew member after malware found on Italian ferry
French authorities detained a Latvian crew member from the ferry Fantastic after discovering malware that investigators say could have enabled remote control; a Bulgarian crew member was released and probes by the DGSI and Italian authorities are ongoing.
-
Kimsuky campaign uses QR codes to deliver DocSwap Android malware, South Korean firm says
South Korean firm ENKI linked the North Korean actor Kimsuky to a campaign distributing a DocSwap Android trojan via QR codes on phishing sites impersonating CJ Logistics; the malware decrypts an embedded APK, registers a RAT service and accepts many remote commands.
-
CISA adds critical ASUS Live Update flaw to known exploited vulnerabilities catalog
CISA added a critical ASUS Live Update vulnerability, CVE-2025-59374 (CVSS 9.3), to its Known Exploited Vulnerabilities catalog citing active exploitation; the flaw stems from a past supply chain compromise and vendors say affected builds were limited to devices meeting specific targeting conditions.
-
Cisco warns of active exploitation of AsyncOS zero-day by China-nexus APT
Cisco warned that a maximum-severity AsyncOS zero-day (CVE-2025-20393) is being actively exploited by a China-nexus APT, targeting Secure Email Gateway and Secure Email and Web Manager appliances; exploitation requires the Spam Quarantine feature to be exposed to the internet, and Cisco, CISA and other firms have issued mitigations and alerts.
-
SonicWall issues patch for actively exploited SMA 100 series privilege escalation bug
SonicWall released fixes for CVE-2025-40602, a local privilege escalation in SMA 100 series appliances that has been actively exploited; the flaw was reportedly used with CVE-2025-23006 to achieve unauthenticated root code execution, and users are urged to apply patches promptly.
-
Kaspersky links new Operation ForumTroll phishing wave to targeted attacks on Russian academics
Kaspersky detected a targeted October 2025 phishing campaign tied to Operation ForumTroll that used eLibrary impersonation and personalized one‑time links to deliver a PowerShell chain and the Tuoni remote access framework to academics in Russia; the group’s origins remain unknown.
-
China-linked Ink Dragon group targets European government networks, Check Point says
Check Point Research says a China-linked hacking cluster known as Ink Dragon has focused on European government targets since July 2025, using web shells, ShadowPad relays and modular tooling including FINALDRAFT to maintain stealthy, long-term access across multiple regions.










