Cristian Luțic
Cristian Luțic is a cybersecurity professional and Editor-in-Chief of iSec.News, with experience in security enablement, risk analysis, and vulnerability reporting. As Editor-in-Chief, he is responsible for editorial standards, source verification, and publication oversight at iSec News.
From professional sports to cybersecurity, his career path may have been unconventional, but it has been driven by the same core values: discipline, perseverance, and a passion for doing meaningful, impactful work.
iSec.News Motto: “Only news, only information security and privacy news. No fluff.”
-
Council of Europe authorises EU to sign UN cybercrime convention
The Council of Europe authorised the European Commission and member states to sign the UN Convention against Cybercrime, a treaty adopted by the UN General Assembly in December 2024 that sets common rules for criminalising cyber offences and exchanging electronic evidence, with safeguards to protect human rights.
-
SimonMed says 1.2 million patients impacted in January data breach
SimonMed Imaging said more than 1.2 million people were affected by a data breach that gave attackers access to its network from Jan. 21 to Feb. 5; Medusa ransomware claimed the theft and the company said it found no evidence of misuse as of Oct. 10.
-
Netherlands places Nexperia under special administrative measures over governance concerns
The Netherlands has placed Chinese-owned Nexperia under special administrative measures under the Goods Availability Act, citing governance failures and risks to European chip capabilities; the company’s owner Wingtech has disputed the move and said it will effectively freeze operations.
-
Trend Micro: RondoDox botnet campaign expands to exploit more than 50 flaws across 30 vendors
Trend Micro said RondoDox campaigns have widened to exploit more than 50 vulnerabilities across over 30 vendors, using a loader-as-a-service model that bundles RondoDox with Mirai and Morte, and researchers linked the activity to large-scale botnet operations and coordinated RDP attacks.
-
Microsoft tightens Edge’s Internet Explorer mode after reports of exploit chain
Microsoft said it has tightened Internet Explorer mode in Edge after reports that attackers used social engineering and unpatched Chakra 0-day exploits to gain remote code execution and escalate privileges, and the company removed easier IE mode launch options and now requires explicit enabling.
-
Astaroth banking trojan leverages GitHub to restore command-and-control, McAfee says
McAfee Labs reported that the Astaroth banking trojan campaign uses GitHub-hosted images with steganography to update configurations and maintain access after C2 takedowns; the campaign targets Brazil and other Latin American countries and is delivered via DocuSign-themed phishing emails.
-
Smishing texts impersonate New York tax agency to steal inflation refund details
Smishing texts impersonating the New York Department of Taxation and Finance are urging recipients to submit payment and personal details to claim “Inflation Refunds,” BleepingComputer reported; state officials said the refunds are automatic and advised people not to provide information and to report suspected scams.
-
Unauthenticated flaw in Gladinet CentreStack and Triofox (CVE-2025-11371) exploited in the wild
Security researchers say CVE-2025-11371, an unauthenticated local file inclusion in Gladinet CentreStack and Triofox, is being exploited in the wild; Huntress recommends removing a handler from the UploadDownloadProxy Web.config as a temporary mitigation while Gladinet prepares a patch.
-
Researchers: Stealit malware uses Node.js single-executable feature to spread
Fortinet researchers said the Stealit malware campaign is abusing Node.js’ experimental Single Executable Application feature and, in some variants, Electron, to distribute stealers and a RAT via counterfeit installers on file‑sharing sites.
-
Researchers find 175 npm packages used to host phishing infrastructure in ‘Beamglea’ campaign
Researchers say 175 npm packages were used to host redirect scripts and HTML payloads for a credential-phishing campaign called Beamglea that has been downloaded about 26,000 times and targeted more than 135 companies worldwide.
