John Z Black
Brunswick, ME • (207) 245-1010 • contact@johnzblack.com
Mostly security stuff...
Make sure you check out my main blog at https://gnerdsec.com/blog
Apple Patched the Door. Attackers Used the Window.
macOS 26.4 added Terminal security scanning to block ClickFix attacks. Within 48 hours, Atomic Stealer was back, running through Script Editor instead. One click. No warning.
Read More
Android's April Patch Targets a Security Layer Most Users Have Never Heard Of
April's Android security update fixes a critical zero-interaction DoS and a High-severity flaw in StrongBox, the hardware layer protecting your payment credentials, biometrics, and encrypted storage.
Read More
Six Federal Agencies Just Told You to Disconnect Your PLCs. Here's What Forced Their Hand.
FBI, CISA, NSA, EPA, DOE, and Cyber Command co-signed a single advisory on Iranian hackers disrupting PLCs at U.S. water, energy, and government facilities. This isn't theoretical.
Read More
Three CVEs in Flowise, a Prompt Injection in Grafana, and the Growing Case That Your AI Stack Is the Target
Flowise has a perfect 10.0 CVSS under active exploitation. GrafanaGhost injects prompts through metric names. The attack surface isn't the AI model. It's everything around it.
Read More
$20.88 Billion Gone: What the FBI's New Cybercrime Report Actually Says
The FBI's IC3 report crossed $20 billion for the first time. Crypto fraud, AI-enabled scams, and elder exploitation tell a story the headline number doesn't capture.
Read More
Docker's Authorization Bypass Is Back. It's Been Broken for a Decade.
Pad an HTTP request past 1MB and Docker's AuthZ plugins see nothing. CVE-2026-34040 has been sitting in Docker Engine since 2016, and researchers showed AI agents can be tricked into exploiting it.
Read More