my photo

John Z Black

Brunswick, ME • (207) 245-1010 • contact@johnzblack.com

Blog

Mostly security stuff...

Make sure you check out my main blog at https://gnerdsec.com/blog

ChatGPT Was Leaking Your Conversations Through Its Own Infrastructure, and You Never Knew

John Z Black Mar 31, 2026

AI Security #chatgpt #openai #ai-security #dns-exfiltration #check-point #enterprise-ai #ai-governance #data-leakage #linux-runtime

Read More

The Week Toolchain Trust Collapsed, Again

John Z Black Mar 30, 2026

Threat Intelligence #weekly-recap #supply-chain #teampcp #ai-security #authentication #iran #healthcare #bpfdoor #privacy

TeamPCP kept hitting developer tooling. AI attack surfaces went from theoretical to exploited. Attackers logged in instead of breaking in. And Iran went after the FBI director's personal inbox.

Read More

TeamPCP Is Back. Now It's Deploying Ransomware Through Your AI Libraries.

John Z Black Mar 30, 2026

AI Security #supply-chain #teampcp #litellm #telnyx #ransomware #python #steganography #ai-security

The supply-chain group that poisoned Trivy last week just hit LiteLLM and the Telnyx SDK, hid their payload in WAV audio files, and announced a ransomware affiliate partnership.

Read More

Every Major Security Vendor at RSAC Has an AI Agent Now. Here Is What Is Actually Real.

John Z Black Mar 30, 2026

AI Security #rsac-2026 #agentic-soc #ai-security #crowdstrike #wiz #proofpoint #arctic-wolf #greynoise #vendors

CrowdStrike, Wiz, Proofpoint, Arctic Wolf, and GreyNoise all launched agentic AI products at RSAC 2026 -- here's an honest scorecard of what's shipping versus what's still a roadmap.

Read More

Three Ransomware Gangs Own a Third of North America's Cybercrime. What That Means for Your Risk Model.

John Z Black Mar 30, 2026

Ransomware & Cybercrime #ransomware #qilin #akira #clop #north-america #threat-intelligence #risk-management

Qilin, Akira, and Clop together claimed roughly 34% of all recorded North American ransomware incidents in 2025 -- and that concentration is actually something defenders can use.

Read More

The Progress We Thought We Were Making Against Hackers? It Just Went Backward.

John Z Black Mar 30, 2026

Threat Intelligence #m-trends #dwell-time #mandiant #espionage #ransomware #north-korea #threat-intelligence

Dwell time reversed in 2025, and the reason why tells you exactly which threats most security programs are not built to catch.

Read More