John Z Black
Brunswick, ME • (207) 245-1010 • contact@johnzblack.com
Mostly security stuff...
Make sure you check out my main blog at https://gnerdsec.com/blog
Google Paid Nearly $17 Million in Bug Bounties Last Year. What That Number Actually Tells Us.
Google's record $17 million in bug bounties sounds huge. Then you look at the exploit broker market, where a single iOS chain sells for $2.5 million, and the math gets interesting.
Read More
CISA Is Running on Fumes While Threats Keep Piling Up
A third of CISA's workforce is gone. The agency is operating at 38% capacity during a shutdown. And a DOGE whistleblower alleges someone walked out with Social Security data. This isn't a policy debate. It's a capacity crisis.
Read More
Two Spy Campaigns, Two Completely Different Playbooks
A Chinese APT has been sitting inside Southeast Asian military networks for six years. Meanwhile, Russian hackers are stealing Signal accounts with fake support messages. Same goal, wildly different approaches.
Read More
The Week Trust Kept Breaking
Iranian wipers, poisoned dev tools, AI agents as attack surfaces, patches that never stopped coming, and a ransomware negotiator working for the bad guys. Trust fell apart in every direction this week.
Read More
AI Agents Have a Security Problem — and It's Not Science Fiction Anymore
AI agents aren't chatbots. They act, execute, and chain decisions on their own. And the security model for most deployments? Basically nonexistent.
Read More
The EU Just Made AI Nudification a Crime. Here's Why It Matters Beyond Europe.
The EU Council wants to ban AI nudification tools outright, not regulate them. Criminal-tier penalties, extraterritorial reach, and a standard that global platforms can't ignore.
Read More