Brunswick, ME • (207) 245-1010 • contact@johnzblack.com
Mostly security stuff...
Make sure you check out my main blog at https://gnerdsec.com/blog
A trojanized LiteLLM package hit Mercor, the AI training vendor shared by OpenAI, Anthropic, and Meta, exposing the massive concentration risk in the AI supply chain.
Two critical vulnerabilities are being actively exploited right now: a Chrome WebGPU zero-day and a Fortinet pre-auth privilege escalation, and both have patches available today.
A suspected China-nexus espionage operation targets VMware vCenter and ESXi hypervisors, persisting at the virtualization layer where endpoint security is blind.
Claude Code's deny rules silently break after 50 subcommands and Bedrock's guardrails don't cover multi-agent flows by default, proving that AI safety tools work in demos but fail in production.
TeamPCP has evolved from cloud extortion to a criminal franchise operation with a wiper targeting Iran, a ransomware partnership with 300K affiliates, and public feuds with other threat actors.
Storm ships encrypted credentials to attacker servers for decryption, bypassing every endpoint detection built to catch local credential theft.