my photo

John Z Black

Brunswick, ME • (207) 245-1010 • contact@johnzblack.com

Blog / #vulnerability

Antivirus as a Weapon: The Defender Trilogy No One Can Patch

John Z Black Apr 17, 2026

Vulnerabilities & Patching #windows-defender #zero-day #privilege-escalation #microsoft #vulnerability

A single researcher has spent April taking Windows Defender apart. The results are a set of three zero-days that turn your antivirus into a malware delivery system and then blind it so it can't see the damage.

Read More

The AI Threat Window Is Open. Security Leaders at RSAC Are Saying So Out Loud.

John Z Black Mar 28, 2026

AI Security #ai #rsac #rsac2026 #langchain #langgraph #openai #vulnerability #enterprise #mandia #stamos

Kevin Mandia called the next two years a 'perfect storm for offense' at RSAC 2026, and the evidence landed the same week.

Read More

Citrix Patches CVE-2026-3055 in NetScaler: A 9.3 Memory Flaw That Looks a Lot Like CitrixBleed

John Z Black Mar 26, 2026

Vulnerabilities & Patching #citrix #netscaler #cve-2026-3055 #patching #enterprise-security #vulnerability

Citrix patched a CVSS 9.3 unauthenticated memory read in NetScaler ADC and Gateway that can leak session tokens. No active exploitation yet, but the history of CitrixBleed says don't wait.

Read More

CISA Added Five Actively Exploited Flaws to Its List. You Have Until April 3.

John Z Black Mar 25, 2026

Vulnerabilities & Patching #cisa #kev #apple #laravel #craft-cms #patch #vulnerability #darksword

CISA added five actively exploited vulnerabilities to its KEV catalog, including three Apple flaws tied to the DarkSword iOS exploit kit and a CVSS 10.0 RCE in Craft CMS. The April 3 deadline is for federal agencies. The exploitation isn't.

Read More

Interlock Ransomware Had a Cisco Firewall Zero-Day Before Anyone Knew It Existed

John Z Black Mar 23, 2026

Ransomware & Cybercrime #ransomware #interlock #cisco #zero-day #vulnerability #cybercrime

The Interlock ransomware group exploited a critical Cisco ASA/FTD zero-day for weeks before disclosure, marking a real shift as criminal groups gain access to capabilities once reserved for nation-states.

Read More

Two Vulnerabilities, Two Patches, One Message: Critical Enterprise Flaws Need Immediate Attention

John Z Black Mar 15, 2026

Vulnerabilities & Patching #patch-management #microsoft #windows-11 #hpe #aruba #enterprise-security #rce #vulnerability

Microsoft shipped an emergency out-of-band RRAS patch days after Patch Tuesday. HPE has a switch vulnerability that lets attackers reset admin passwords with zero credentials. Both need patching now.

Read More

48 Hours to Patch or Get Owned: The New Enterprise Reality

John Z Black Mar 10, 2026

Enterprise Security #patching #google-cloud #cisa-kev #ivanti #solarwinds #cisco #sd-wan #vulnerability

Vulnerability exploitation just passed stolen credentials as the #1 way attackers break into cloud environments. And you've got about 48 hours before they're at your door.

Read More