my photo

John Z Black

Brunswick, ME • (207) 245-1010 • contact@johnzblack.com

Blog

Mostly security stuff...

Make sure you check out my main blog at https://gnerdsec.com/blog

Patch Week From Hell: Microsoft, Adobe, SAP, and HPE All Drop Critical Fixes at Once

John Z Black Mar 11, 2026

Vulnerability Management #patch-tuesday #microsoft #adobe #sap #hpe #zero-day #vulnerability-management

March 2026 might be the worst coordinated patching week in years. Microsoft, Adobe, SAP, and HPE all dropped critical fixes in the same 48-hour window. Here's what to patch first.

Read More

Russian Hackers Are Coming for Your Signal and WhatsApp

John Z Black Mar 10, 2026

Consumer Security #signal #whatsapp #russia #nation-state #linked-devices #encryption #consumer-security

Dutch intelligence says Russian state hackers are running a global campaign to hijack Signal and WhatsApp accounts by abusing the linked-device feature. Here's how to check if you're compromised.

Read More

Your Vendors Got Hacked: Supply Chain Breaches Keep Piling Up

John Z Black Mar 10, 2026

Breaches & Incidents #supply-chain #salesforce #shinyhunters #healthcare #cognizant #trizetto #ericsson #breach

ShinyHunters hit 400 companies through Salesforce misconfigs. Cognizant lost 3.4 million patient records. Ericsson got popped via a vendor. The supply chain is the perimeter now, and it's breaking.

Read More

ClickFix Is the Social Engineering Trick That Took Over 2026

John Z Black Mar 10, 2026

Threat Intelligence #clickfix #social-engineering #ransomware #teams #phishing #a0backdoor #castlerat #chrome-extensions

A dead-simple social engineering trick is showing up everywhere in 2026. Users paste a command into PowerShell or a Run dialog and boom, malware runs. Three separate campaigns hit this week alone.

Read More

48 Hours to Patch or Get Owned: The New Enterprise Reality

John Z Black Mar 10, 2026

Enterprise Security #patching #google-cloud #cisa-kev #ivanti #solarwinds #cisco #sd-wan #vulnerability

Vulnerability exploitation just passed stolen credentials as the #1 way attackers break into cloud environments. And you've got about 48 hours before they're at your door.

Read More

AI Found Thousands of Software Bugs This Month. Then It Wrote Exploits.

John Z Black Mar 10, 2026

AI & Security #ai-security #vulnerability-research #firefox #openssh #chromium #anthropic #openai #exploit

Anthropic's Claude found 22 Firefox zero-days in two weeks and wrote working exploits for two of them. OpenAI's Codex flagged over 10,000 high-severity bugs across major open-source projects. AI-powered vulnerability research isn't theoretical anymore.

Read More