Welcome to CyberHoot’s June Newsletter!
Normally my introduction to this newsletter avoids hyperbolic claims and artificial urgency. Truthfully, there’s nothing hyperbolic or artificial about the following introduction. Please pay attention and take action now. The AI capabilities we’re seeing brought to market are keeping me up at night. You can take really important measures to batten down the hatches of your company now, and hopefully make it through the storms to come. The future after these storms is bright, safe, and more secure than ever before. The storms we’re facing, what I’m calling a Breach Tsunami, is building and your window to prepare is closing fast. Please, act now to prepare. Here’s why.
In April, Anthropic disclosed Claude Mythos Preview, its most capable AI coding and vulnerability discovery model, and promptly declined to release it publicly due to cybersecurity concerns. We covered this here. On June 9, Anthropic released Fable 5, a guardrailed version of the same underlying model. The U.S. government compelled Anthropic to remove Fable 5 from general availability three days after release when Amazon’s security team flagged a jailbreak in their guardrails
AI is now scanning networks and finding vulnerabilities faster than any human team. Not just one or two; but thousands. Additionally, Anthropic’s red team tracked 832 malicious actors misusing AI across every stage of the attack lifecycle over the past year. The share of high-risk actors nearly doubled in just six months. Bug bounty programs are suspending operations as the volume and quality of submissions has become unmanageable. Software developers are struggling under the weight of bugs AI is surfacing. Attackers are gaining access to those same tools right now. Our second article this month covers exactly how this works and how your organization needs to prepare.
As Steve Gibson, security researcher and host of the Security Now! podcast, said on June 9th:
“No one who’s been following this podcast [Editors Note: for 20+ years] has ever heard me run around saying that the sky is falling. But what we learn from this report is as close to that as we’ve ever been.”
Do not wait. Take at least these four steps now. Read the article for even more suggestions.
Shrink your data footprint. Less data on your internal network means fewer breach notifications when attackers get through.
Close every open door. Review and shut down every network pathway you do not absolutely need.
Deploy a honeypot. It’s designed to alert you the moment someone is inside your network.
Set patching to automatic. No delays, no exceptions. New patch releases are reverse engineered into active exploits in record time (minutes and hours – not days and weeks).
This month we also cover the identity risks that live inside your network after users log in and what Google Chrome did to help stop cookie theft.
Laugh. Learn. Hoot Up!
Craig CEO,
Co-Founder, CyberHoot
Hackers steal your Post-Authentication Cookies.
Chrome can help stop this but Website Support is Needed!
AI is Finding Zero-Days Everywhere. Let’s Fix Them First.
Your Identity Is Not Only a Front-Door Problem, It is an Internal Risk Too
CyberHoot Featured on Security Now!
CyberHoot has officially achieved a long-standing goal of being featured on the legendary “Security Now!” podcast with Leo Laporte and Steve Gibson. To be 100% clear, this is a paid sponsorship of the podcast.
In addition to that, Leo Laporte personally endorsed CyberHoot:
“When we got phished [before CyberHoot] it became pretty clear we needed to do more to protect our company. The same old training just wasn’t working. CyberHoot came to the rescue. It’s fun, our team loves it, and best of all, it’s helping to keep us safe. Hoot on!” — Leo Laporte
Please watch this quick 3-minute feature as Leo Laporte shares his experience with HootPhish and explains why CyberHoot’s positive reinforcement approach to phishing education caught his attention.
Customer Spotlight
Liking CyberHoot? We need your help. Please leave us your review at G2.com!
– G2
For more information on how to leave a CyberHoot review, please watch the brief video overview below. Note: to avoid fraudulent reviews, each review website will require to you to create and validate your identity through an email account registration process.
CyberHoot Awarded Badges from G2
Cybersecurity Term of the Month:
Zero-Day Vulnerabilities
A zero-day vulnerability is a security flaw that the software vendor does not know about yet. No patch exists. Developers have had zero days to fix it.
That definition has not changed. What has changed is who finds these flaws and how fast. AI tools now scan millions of lines of code in hours and surface vulnerabilities that would take human researchers weeks to months to not ever finding! Attackers have access to those same tools. When a critical patch drops, AI can reverse-engineer what it fixes in minutes, giving attackers a blueprint before most organizations have even scheduled the update.
The answer is simple: turn on automatic patching now. Do not wait for a maintenance window. Downtime from a patch is recoverable. A breach is not.
Read the full Cybrary term, including what to do whether your business consumes software or builds it: Zero-Day Vulnerabilities
Check out Craig Taylor, CEO and Co-Founder of CyberHoot, Featured on the 40 Percent Better Podcast with Bill Lennan!
Recently Added Features
Please note: CyberHoot is upgrading all Power Users to Autopilot for free. Contact [email protected] to schedule your free upgrade. Power platform will be retired later this year Sept. 2026.
Power Platform Release Notes
- Converted Foundational 6 videos to our new Foundational 5 videos.
- Updated language translator to detect source language.
- Updated Dehashed dark web pulls to not reactivate deactivated breach info.
- Added Compliance Scorecard integration.
Autopilot Platform Release Notes
- Converted Foundational 6 videos to our new Foundational 5 videos.
- Updated User Table site flow.
- Updated language translator to detect source language.
- Added ability to mass archive CustomHoots assignments in Autopilot.
- Updated Dehashed dark web pulls to not reactivate deactivated breach info.
- Added Compliance Scorecard integration.
- Added preview functionality for Attack Phish and landing pages.
- Added Alphabetical Order to Tenant Table.
New Feature Alert: Custom AttackPhish
We’re excited to introduce Custom AttackPhish, a new feature within CyberHoot’s Autopilot platform that gives administrators greater flexibility when running phishing simulations. With Custom AttackPhish, (located in our CustomHoots Power-Up) admins can create and launch customized phishing campaigns that better reflect the real-world threats their users may encounter.
This helps organizations deliver more relevant security awareness training while improving users’ ability to recognize and respond to phishing attempts.
If you need additional help, you can always reach our support team at [email protected].
Enroll in CyberHoot’s Referral Program today and start earning a 20% share of all revenue generated for one year by those who register through your exclusive referral link. As a referral partner, not only will you receive financial rewards, but you’ll also experience the satisfaction of aiding others in becoming more security-conscious, safeguarding them against cyber threats. Don’t hesitate, sign up now at https://cyberhoot.com/referral-program/.
Referral through Autopilot’s Dashboard:
Join CyberHoot in our mission to create a more aware and better secured world! Recommend CyberHoot Autopilot to a friend, and they will enjoy a complimentary first month. For every new sign up who uses your referral link, you will receive a free month added to your account. This offer is exclusively for first-time CyberHoot registrants.
CyberHoot has Free Cybersecurity Training for Individuals
Know someone who had a close call recently with a cyber attack, phishing email, or social engineering phone call? Recommend CyberHoot’s free cybersecurity training. They’ll receive six (6) videos (each video is 3-4min.) and one of our positive reinforcement, hyper-realistic, phishing simulations. All for free.
Registration: https://cyberhoot.com/individuals
Looking for additional resources?
CyberHoot White Paper Download – How HootPhish Improves upon AttackPhish
All New: 2025 Infographics on Cybersecurity Statistics
Secure your business with CyberHoot Today!!!
The post CyberHoot’s Cybersecurity Newsletter: June 2026 appeared first on CyberHoot.