Cristian Luțic
Cristian Luțic is a cybersecurity professional and Editor-in-Chief of iSec.News, with experience in security enablement, risk analysis, and vulnerability reporting. As Editor-in-Chief, he is responsible for editorial standards, source verification, and publication oversight at iSec News.
From professional sports to cybersecurity, his career path may have been unconventional, but it has been driven by the same core values: discipline, perseverance, and a passion for doing meaningful, impactful work.
iSec.News Motto: “Only news, only information security and privacy news. No fluff.”
-
Logitech discloses data breach tied to zero-day; Cl0p claims responsibility
Logitech disclosed a data breach in which a zero-day in a third-party platform was exploited and certain internal IT data was copied; Cl0p has claimed responsibility and Logitech said it does not expect the incident to materially affect its business.
-
Eurofiber reports data stolen in cyberattack on its French business
Eurofiber said a November 13 cyberattack on its French business exploited a ticketing-platform vulnerability and resulted in stolen data; the company said banking information was not affected, the flaw is patched, and it has notified customers and French authorities.
-
AIPAC discloses data breach affecting 810 people, offers identity protection
AIPAC reported a criminal cyberattack in a November 2025 filing, saying files were accessed between October 2024 and February 2025 and that 810 people were affected; the organisation notified individuals, offered 12 months of identity protection, and said it implemented new security controls.
-
Dragon Breath uses RONINGLOADER to deliver modified Gh0st RAT to Chinese-speaking users
Researchers say the Dragon Breath group used a multi-stage loader called RONINGLOADER to deliver a modified Gh0st RAT to Chinese-speaking users, employing signed drivers, WDAC policy changes, PPL abuse and multi-stage NSIS installers to evade security products and deploy remote access capabilities.
-
Researchers find widespread remote code execution risk in AI inference engines from unsafe ZMQ and pickle use
Researchers found a recurring insecure pattern — pickle deserialization over unauthenticated ZeroMQ sockets — in multiple AI inference frameworks, creating remote code execution risks across projects including vLLM, NVIDIA TensorRT-LLM, Modular Max Server and SGLang; related research also showed browser and IDE injection risks in Cursor.
-
Israel agency says Iran-linked APT42 ran espionage campaign targeting officials and family members
Israel’s National Digital Agency says an Iran-linked threat actor known as APT42 has been running a campaign called SpearSpecter since early September 2025 that uses personalised social engineering to target senior officials and their family members and deploys a PowerShell backdoor for persistent access.
-
ASUS issues firmware to fix critical authentication bypass in DSL routers
ASUS released firmware version 1.1.2.3_1010 to fix a critical authentication bypass (CVE-2025-59367) impacting DSL-AC51, DSL-N16 and DSL-AC750 routers and urged users to install the update or follow mitigation steps to block internet-accessible services.
-
Anthropic says Chinese state-sponsored group used Claude Code AI in espionage campaign
Anthropic reported that a Chinese state-sponsored group used its Claude Code AI and a Model Context Protocol to orchestrate attempted intrusions against about 30 high-profile organizations in mid-September, succeeding in a small number of cases; Anthropic banned accounts, notified victims and said AI hallucinations limited full autonomy.
-
Over 4,300 Domains Used in Mass Phishing Campaign Targeting Hotel Guests
Researchers say a Russian-speaking threat actor registered more than 4,300 domains this year to run a large phishing campaign impersonating hotel booking services and harvesting payment data and credentials.
-
Washington Post breach exposes personal data of nearly 10,000 workers
The Washington Post notified 9,720 employees and contractors that their personal and financial information was exposed after attackers exploited a zero-day in Oracle E-Business Suite; the flaw (CVE-2025-61884) has been linked to the Clop group and other major organisations were also affected.
