Cristian Luțic

Cristian Luțic is a cybersecurity professional and Editor-in-Chief of iSec.News, with experience in security enablement, risk analysis, and vulnerability reporting. As Editor-in-Chief, he is responsible for editorial standards, source verification, and publication oversight at iSec News.
From professional sports to cybersecurity, his career path may have been unconventional, but it has been driven by the same core values: discipline, perseverance, and a passion for doing meaningful, impactful work.
iSec.News Motto: “Only news, only information security and privacy news. No fluff.”
-
US Secret Service Dismantles Network of 300 SIM Servers Near UN General Assembly
The U.S. Secret Service said it dismantled a network of more than 300 SIM servers and 100,000 SIM cards across the New York area, potentially capable of disrupting telecommunications and enabling encrypted communications for threat actors, with investigations linking to nation-state actors and reports of assassination threats near the UN General Assembly.
-
Iranian-linked hackers expand European operations with fake job portals and new malware, researchers say
Security researchers say Iranian government-backed attackers are targeting Western Europe with fake job portals and new Minibike malware, including MiniJunk and MiniBrowse, delivered through a multi-stage DLL sideloading chain. The operation focuses on Denmark, Portugal, and Sweden and appears linked to broader Iran-aligned threat activity.
-
GitHub Tightens npm Publishing Security with 2FA, Short-Lived Tokens and Trusted Publishing
GitHub announced a sweeping set of security measures for npm publishing, including deprecating legacy tokens, migrating to FIDO-based 2FA, and introducing seven-day, short-lived granular tokens plus trusted publishing that uses OpenID Connect and cryptographic provenance attestations to bolster npm’s supply-chain security.
-
SEO-poisoning BadIIS malware tied to Operation Rewrite targets East and Southeast Asia, researchers say
Security researchers say a Chinese-speaking actor is using the BadIIS malware in an Operation Rewrite SEO-poisoning campaign to hijack search results via a compromised IIS proxy, targeting East and Southeast Asia with Vietnam as a focus.
-
Mac ad campaign impersonating brands pushes macOS credential stealer, LastPass warns
Security researchers warn of a malvertising campaign that uses search ads to impersonate LastPass and other services, delivering the Atomic Stealer/Amos Stealer on macOS via fraudulent GitHub pages; LastPass says takedowns are underway and IoCs are shared.
-
Stellantis confirms data breach via third-party provider exposing customer emails
Stellantis disclosed that attackers breached a North American third-party customer-service partner, exposing only customer names and email addresses. The company launched an investigation, notified law enforcement, and urged affected customers to watch for phishing, as the automaker navigates broader industry disruption linked to a separate JLR cyberattack.
-
Cyberattacks and fiber outages disrupt global aviation as European and U.S. delays mount
Technology outages in Europe and the United States disrupted air travel over the weekend, as Collins Aerospace’s ARINC cMUSE system suffered a cyberattack affecting check-in and baggage processing in Brussels, and a fiber-optic outage at Dallas/Fort Worth interfered with U.S. air‑traffic control operations, triggering hundreds of cancellations and delays.
-
Iran-linked Subtle Snail Targets European Telecoms in LinkedIn Recruitment Scheme, 34 Devices Infected
An Iran-linked cyber espionage group known as UNC1549, also called Subtle Snail, has been attributed to a campaign against European telecommunications firms, infiltrating 34 devices across 11 organizations through LinkedIn-based recruitment lures and a modular backdoor named MINIBIKE designed for long-term data exfiltration.
-
Fortra patches critical GoAnywhere MFT flaw; admins urged to restrict internet exposure of Admin Console
Fortra has issued patches for a critical GoAnywhere MFT vulnerability (CVE-2025-10035) that could enable remote command injection via deserialization. The company urges administrators to secure Admin Console access and apply the latest updates, as Shadowserver tracks hundreds of GoAnywhere instances and exposure continues to be a concern.










