John Z Black
Brunswick, ME • (207) 245-1010 • contact@johnzblack.com
Mostly security stuff...
Make sure you check out my main blog at https://gnerdsec.com/blog
The Printing Provider Pivot: Concentration Risk Hits US Banks
Citizens Bank and Frost Bank customers had their data stolen through outsourced printing and tax fulfillment vendors. Everest ransomware is targeting the boring middle layer.
Read More
The AI Attack Lab: MCPwned and the Offensive Agent Cycle
New tools like MCPwned and Sable are giving red teamers (and attackers) the ability to inject prompts, audit MCP handshakes, and evade AI SOCs. The attack surface for AI systems is wide open.
Read More
Adversarial Distillation: The Industrial-Scale Theft of Frontier AI
The White House has officially flagged 'adversarial distillation' as a major threat. China is using tens of thousands of fake accounts to clone U.S. AI capabilities by strip-mining model outputs. This is model theft through the front door.
Read More
The 48-Hour Secrets Sprint: How Three Registries Were Swept in One Weekend
A coordinated 48-hour sprint hit npm, PyPI, and Docker Hub, targeting developer secrets at scale. From infected AI libraries to a trojanized security scanner, the supply chain is moving faster than your detection.
Read More
Lotus Wiper Hits Venezuela: When Cyber War Targets the Grid
Lotus Wiper has been quietly targeting Venezuelan energy and utility firms since late last year. This isn't about intelligence gathering; it's about disruption. When the goal is to stop the lights, the defensive playbook has to change.
Read More
Patch and Pray Failed: FIRESTARTER Proves Cisco Devices Can Stay Owned
A federal agency followed the rules, patched the CVE, and still got owned. FIRESTARTER is a specialized Cisco backdoor designed to survive the remediation cycle. It’s time to stop assuming a patch equals a clean network.
Read More