my photo

John Z Black

Brunswick, ME • (207) 245-1010 • contact@johnzblack.com

Blog

Mostly security stuff...

Make sure you check out my main blog at https://gnerdsec.com/blog

The Week the Clock Ran Out

John Z Black Apr 13, 2026

Threat Intelligence #weekly-recap #ai-security #anthropic #iran #ot-security #supply-chain #activemq #ivanti #lapd #surveillance #plugx #juniper

Defenders got squeezed this week. AI sped up vuln discovery, OT attacks stayed active, and trusted update channels turned into incident response events.

Read More

The Week the Clock Ran Out

John Z Black Apr 13, 2026

Threat Intelligence #weekly-recap #ai-security #anthropic #iran #ot-security #supply-chain #activemq #ivanti #lapd #surveillance #plugx #juniper

Defenders got squeezed this week. AI sped up vuln discovery, OT attacks stayed active, and trusted update channels turned into incident response events.

Read More

CISA Has Already Assessed Almost Every World Cup Stadium. The Cyber Defense Operation Is Running.

John Z Black Apr 13, 2026

Security Operations & Resilience #world-cup-2026 #cisa #event-security #critical-infrastructure #ddos #fifa #milan-olympics

CISA has completed cybersecurity assessments at nearly every World Cup 2026 stadium and team base camp. A White House task force is operational. The Milan Winter Olympics just gave the whole framework a live stress test with real Russian-linked attacks. This isn't a plan anymore.

Read More

The W3LL Takedown Is the Third Major PhaaS Bust in 2026. The FBI Is Running a Campaign.

John Z Black Apr 13, 2026

Ransomware & Cybercrime #phishing #phaas #fbi #law-enforcement #mfa-bypass #cybercrime

FBI Atlanta and Indonesian police dismantled W3LL, a full-service phishing-as-a-service platform that had been running since 2019 and was explicitly designed to bypass MFA. It's the third major PhaaS takedown in 2026, and that pattern matters more than any single bust.

Read More

Russian Satellites. Iranian Missiles. A U.S. AWACS. Three Sources Now Document the Same Kill Chain.

John Z Black Apr 13, 2026

Threat Intelligence #russia #iran #threat-intelligence #awacs #satellite-isr #cyber-operations #state-actors #geopolitical

A Russian satellite imaged Prince Sultan Air Base before the March 27 strike. Iran hit a U.S. E-3 Sentry AWACS. A Russian satellite returned the next day for damage assessment. A Ukrainian intelligence assessment, a Western military source, and a U.S. orbital analytics firm all now document pieces of that sequence.

Read More

OpenAI Rotated Its macOS Signing Certs After the Axios Attack. No Proof of Key Theft. They Rotated Anyway.

John Z Black Apr 13, 2026

Security Operations & Resilience #supply-chain #openai #code-signing #macos #ci/cd #axios #certificate-revocation

A malicious Axios npm package executed inside OpenAI's GitHub Actions signing workflow. Their investigation found no evidence keys were stolen. They revoked and rotated the certificates anyway. That decision is the interesting part.

Read More