Brunswick, ME • (207) 245-1010 • contact@johnzblack.com
Mostly security stuff...
Make sure you check out my main blog at https://gnerdsec.com/blog
Two employees tricked out of their Okta creds. Millions of telehealth support tickets stolen. And Hims says no medical records were exposed. Sure.
UAT-10608 built an automated framework that exploits a CVSS 10.0 React flaw to compromise Next.js apps, harvest credentials, and display the loot in a searchable dashboard.
Chinese-nexus actors exploited a zero-day in TrueConf to hijack the update mechanism and push trojanized updates to Southeast Asian government agencies.
Iran's Handala group wiped 80,000 devices across Stryker's global network. Maryland EMS lost digital ECG transmission. The DOJ confirmed Iran's government runs Handala.
RSAC 2026's biggest story was who didn't show up. CISA, FBI, and NSA all pulled out. Meanwhile, AI was everywhere, a researcher beat facial recognition live, and OpenAI launched a $100K bug bounty.
Two weeks after detecting unauthorized access, LA Metro is checking 1,400 servers one by one. WorldLeaks claims 160GB stolen. Trains and buses never stopped.