John Z Black
Brunswick, ME • (207) 245-1010 • contact@johnzblack.com
Mostly security stuff...
Make sure you check out my main blog at https://gnerdsec.com/blog
The 732-Byte Secret to Root: Everything You Know About Hardening Just Failed
Copy Fail (CVE-2026-31431) is a nine-year-old logic flaw that grants root on basically every Linux distro. It's tiny, it's reliable, and your file integrity monitors won't see a thing.
Read More
From Job Interview to Lab-Infection: How Hackers are Worming Through Your Team
North Korea's newest 'Contagious Interview' wave is turning your own developers into delivery boys. One fake interview is enough to backdoor your entire codebase.
Read More
Physical Failures: The Tile Tracker Leak and the Security Irony
A hacker breached the Tile/Life360 law enforcement portal using a former employee's stolen credentials. The tool built to help police find your kids became a stalker's dashboard.
Read More
MoveIt Redux: Progress Software Battles a New Wave of RCE Flaws
New critical RCE vulnerabilities in MoveIt WAF and LoadMaster let attackers reach the management shell and bypass security controls entirely. Your patch window is hours, not days.
Read More
Global Tech Debt Audit: Oracle's April CPU Breaks the Volume Record with 481 Fixes
Oracle just shipped 481 security fixes across 28 product families in a single patch cycle. The Java SE and WebLogic flaws hit CVSS 9.8. This isn't a success story.
Read More
Operation Power Off Round 2: 53 Domains Seized in Sustained DDoS Takedown
Europol's Operation Power Off 53 domains seized, 75,000 users warned, 25 search warrants served. Law enforcement has moved from arresting admins to systematically dismantling the ecosystem.
Read More