What you'll see on this feed: 🔎 Live threats hitting Texas businesses (anonymized, real data) 🚨 CVE-of-the-Week breakdowns for non-security teams 🛡 Ransomware tactics we're seeing in active engagements ⚡ Practical hardening tips for SMBs Built by senior ethical hackers. → CoreRecon.com

Good artice, #uruguay #pampaleaks 🇺🇾 Posted on June 7, 2026 by Dissent DataBreaches recently recommended an article by Alberto Daniel Hill about digital security in Argentina, Uruguay, and Mexico. In describing his article, DataBreaches reported: In one section of his report, Hill calls out a company for allegedly manufacturing cyber threats, which he claims they then use to create public panic through media amplification. With the public panicking over their manufactured threats, the company then sells its monitoring platform to enterprises for $29,000 annually, Hill reports. That paragraph originally named the company, BCA Ltd., a threat intelligence firm registered in the U.K. Following publication, DataBreaches was contacted by Mauro Eldritch of BCA Ltd, who requested we remove the firm’s name, claiming that the allegations were untrue and harmful to their reputation. DataBreaches agreed to remove their name from the original post while we investigated the matter in more depth. Read whole article: databreaches.net/2026/06/07/… Previous: databreaches.net/2026/06/01/… CC: @VECERTRADAR @DailyDarkWeb @BleepinComputer @InfoSecSherpa @CoreRecon @0xToxSec @PacketWalker @DigitalArmyio @MigueGaspar @ElQueNews #PampaLeaks #SamaritanAPI #ArgentinaAPI #ThreatIntel #OSINT #RadicalTransparency #argentina #uruguay

@mikkwallace x.com/ADanielHill/status/205…

Resilience > prevention is finally getting the airtime it deserves. The companies recovering in hours instead of weeks aren't the ones with the biggest security stack — they're the ones who actually tested their IR plan against a live red team in the last 90 days. Tabletop exercises don't count.

Reminder for every CISO reading this: your patch SLA is only as good as your asset inventory. If you can't answer "do we run WebSphere anywhere?" in under 10 minutes, that's the vulnerability — the CVE is just the symptom. Attack surface management is non-negotiable in 2026.

The skills conversation in cyber keeps missing the obvious: AI didn't kill the analyst — it killed the analyst who only knew one tool. The operators thriving in 2026 are the ones who can read a packet capture, write a detection rule, AND prompt an LLM into a useful triage assistant. Generalist depth wins.

Honest question for IT leaders: If an attacker breached your network at 2am on a Saturday… how would you know? • Would your alerts actually fire, or get buried in noise? • Is anyone watching them at 2am? • Do you have a playbook, or just hope? • When was the last time you tested any of this? Most orgs can't answer cleanly. That gap is the whole game. DM us. We pressure-test it for real. → CoreRecon.com

Last week, a Corpus Christi manufacturer asked us to "just run a quick vuln scan." 6 hours in, we'd already found: → Domain admin creds in a public S3 bucket → An RDP server exposed to the internet with no MFA → A legacy ERP system 4 major versions behind → Backups stored on the same network as production They thought they were "too small to be a target." Ransomware groups don't care how big you are. They care how easy you are. Get a real adversary-simulation assessment. → CoreRecon.com

🚨 CoreRecon Threat Pulse — May 26 What the SOC is watching this week: • Cisco Secure Workload 10.0 — critical flaw, patch now • Drupal CVE-2026-9082 — ~670 unpatched instances in the wild • CERT-In drops the patch window to 12 hours for critical CVEs • ClickFix social-engineering hitting 700 Ghost CMS sites • Rogue AI agents using stolen employee creds (not theoretical anymore) If any of these are blind spots, talk to us. → CoreRecon.com

Unpopular opinion from someone who breaks into networks for a living: Your firewall isn't your problem. Your EDR isn't your problem. Your SIEM isn't your problem. Your problem is the 14 forgotten subdomains, the intern's old AWS key on GitHub, and the VPN appliance nobody patched since 2023. Attackers don't pick locks. They walk through doors you forgot existed. That's what we hunt. → CoreRecon.com

Every 39 seconds, a business gets hacked. By the time you finish reading this post, 3 more will be compromised. Most won't know for 207 days. If your last pen test was "compliance-driven" instead of adversary-driven, you have a problem you can't see. We fix that. → CoreRecon.com