Cristian Luțic

Cristian Luțic is a cybersecurity professional and Editor-in-Chief of iSec.News, with experience in security enablement, risk analysis, and vulnerability reporting. As Editor-in-Chief, he is responsible for editorial standards, source verification, and publication oversight at iSec.News.
From professional sports to cybersecurity, his career path may have been unconventional, but it has been driven by the same core values: discipline, perseverance, and a passion for doing meaningful, impactful work.
iSec.News Motto: “Only news, only information security and privacy news. No fluff.”
-
GhostPoster campaign hid JavaScript in Firefox extension icons to load backdoor
Researchers at Koi Security uncovered the GhostPoster campaign, which hides a JavaScript loader inside Firefox extension icon images to fetch an obfuscated payload that can hijack affiliate links, inject tracking, strip security headers and conduct ad and click fraud; Mozilla said it removed the affected extensions and updated detection systems.
-
Amazon says it disrupted GRU-linked campaign that targeted misconfigured edge network devices
Amazon says it disrupted a years-long campaign attributed to the Russian GRU that shifted from exploiting software flaws to targeting misconfigured edge devices on customer cloud infrastructure, and that it has protected affected EC2 instances, notified customers and shared intelligence.
-
Texas sues five TV makers over alleged secret collection of viewing data
Texas Attorney General Ken Paxton sued Sony, Samsung, LG, Hisense and TCL, alleging their smart TVs used Automated Content Recognition to capture and transmit viewing data without consent; Paxton’s office also warned of national security risks tied to China-based companies.
-
Cyberattack Disrupts PDVSA Export Systems, Company Says Operations Unaffected
PDVSA said a weekend cyberattack hit administrative systems but not operations; internal memos and source accounts cited by Bloomberg and Reuters indicate export and terminal systems were offline and cargo deliveries halted, while PDVSA blamed the United States and domestic conspirators.
-
New ‘SantaStealer’ infostealer marketed on forums
Rapid7 researchers said a new malware-as-a-service infostealer called SantaStealer is being marketed on Telegram and forums, offers subscription plans, includes multiple data-theft modules and appears to have leaked samples that undermine claims of stealth.
-
PornHub targeted by ShinyHunters after Premium member activity data reportedly stolen
PornHub says it is being extorted by the ShinyHunters gang after activity data for some Premium members was reportedly stolen in a Mixpanel-related incident; Mixpanel says it can find no indication the records were taken in its November 2025 incident.
-
Researchers: Popular Chrome VPN extension collected AI chatbot prompts and responses
Security researchers reported that the Chrome extension Urban VPN Proxy was observed collecting prompts and responses from multiple AI chatbots, sending captured conversation data to external servers; researchers linked the behavior to a July 9, 2025 update and raised concerns about downstream sharing with affiliated data firms.
-
700Credit breach exposes data of 5.8 million dealership customers
700Credit said a breach that originated at an integration partner exposed personal data of more than 5.8 million vehicle dealership customers, including Social Security numbers; the company is notifying affected individuals and offering TransUnion monitoring.
-
CISA orders immediate patching after active exploitation of critical GeoServer XXE flaw
CISA has ordered federal agencies to patch a critical unauthenticated XML External Entity flaw in GeoServer (CVE-2025-58360) that is being actively exploited; researchers warn the bug can disclose files and enable SSRF, and public scans show thousands of exposed instances.










