John Z Black

Brunswick, ME • (207) 245-1010 • contact@johnzblack.com

Blog

I haven't yet decided exactly what kind of content I intend to post here. I love cooking and taking pictures so initially I'll probably just share recipes, photos and that kind of thing.

If I really start using the space I may expand on the blog capabilities. For now I'm keeping it quite simple.

AI Exploits in Hours: The Patch Window Just Collapsed

John Z Black Mar 21, 2026

AI Security #ai security #langflow #rce #vulnerability management #incident response

Rapid exploitation plus cross-platform AI exposure means next-sprint patching is no longer a safe operating model.

Messaging and Collaboration Infrastructure Is Still an APT-Friendly Entry Point

John Z Black Mar 20, 2026

Threat Intelligence #apt-activity #zimbra #roundcube #opensips #collaboration-security #comms-infrastructure

Zimbra exploitation, Roundcube sanitizer bypasses, and OpenSIPS auth-bypass risk all point to one truth: communication infrastructure remains a high-value route to durable access.

Breach Impact Without a Single Archetype: Vendor, Insider, and Nation-State Pressure

John Z Black Mar 20, 2026

Incidents & Breaches #breach-response #insider-threat #nation-state #incident-governance #disclosure #board-risk

Navia, Aura, an insider ransomware conviction, and Lazarus attribution show why breach readiness should be built around resilient process, not assumptions about attacker type.

AI Security Is Splitting Into Two Fronts: Governance Controls and Exploitable Plumbing

John Z Black Mar 20, 2026

AI Security #ai-security #ai-governance #spring-ai #vector-store-security #zero-trust #agentic-iam

Enterprise AI security now requires two disciplines at once: policy-level governance for agents and hard application security work in the toolchain beneath them.

Attacker Scale in 2026: Botnets, EDR Killers, and Phishing-as-Operations

John Z Black Mar 20, 2026

Threat Intelligence #byovd #edr-evasion #phishing #botnets #threat-operations #malware-economics

From BYOVD-based EDR suppression to tax-season phishing pipelines and botnet disruption, attacker scale now comes from operational integration, not one breakthrough trick.

The Control-Plane Exposure Problem: ScreenConnect, SharePoint, UniFi, and Magento

John Z Black Mar 20, 2026

Vulnerabilities & Patching #vulnerability-management #screenconnect #sharepoint #unifi #magento #patch-prioritization

Today's critical bugs are not equal. ScreenConnect, SharePoint, UniFi, and Magento all threaten high-leverage control surfaces where one compromise can cascade.