Brunswick, ME • (207) 245-1010 • contact@johnzblack.com
Mostly security stuff...
Make sure you check out my main blog at https://gnerdsec.com/blog
Stryker's forensic investigation with Palo Alto Networks Unit 42 found a malicious file used to run commands and conceal activity, a separate finding from the initial Handala attack. Production recovery is underway.
Seven malicious npm packages have been stealing sudo passwords and crypto wallet data from developer machines since February. The trick: they generate fake terminal output so convincing that developers don't look twice.
A New Mexico jury just handed Meta its first courtroom defeat over child safety: a $375 million verdict after six weeks of trial. It's not a settlement. It's a proof of concept for state AGs everywhere.
NCSC CEO Dr. Richard Horne told RSAC 2026 that vibe coding is moving fast enough to reshape the SaaS industry, and the security community has a narrow window to shape how it lands instead of cleaning up after it.
The FCC has declared foreign-made consumer routers a national security threat and blocked new ones from entering the US market. Here's what the rule actually covers, what it doesn't, and why the hard question about firmware goes unanswered.
CISA added five actively exploited vulnerabilities to its KEV catalog, including three Apple flaws tied to the DarkSword iOS exploit kit and a CVSS 10.0 RCE in Craft CMS. The April 3 deadline is for federal agencies. The exploitation isn't.