Welcome to CyberHoot’s February Cybersecurity Newsletter!
Attackers aren’t just targeting passwords anymore. They’re going after session tokens, misconfigured cloud services, and even the AI tools your team uses every day. The perimeter is getting more porous, and the browser has quietly become another chink in your armor.
And yet, there is good news. Each of the risks outlined this month is preventable. A clear understanding of how they work turns surprise into preventive measures and resilient defenses.
This month at CyberHoot, we’re unpacking four emerging issues that deserve your attention, not because they’re sensational, but because they’re practical, timely, and fixable.
Sneaky browser extensions are stealing ChatGPT session tokens without ever touching a password or triggering MFA. Once an attacker has a valid session token, they can impersonate users as if they logged in legitimately. We’ll explain how this attack works at the technical level, why it bypasses traditional safeguards, and what controls you should implement right now to protect your organization.
A senior cybersecurity leader recently made a costly AI mistake, and it wasn’t due to lack of technical knowledge. It was a lapse in safe usage practices with a public AI tool. The lesson is clear: even experienced professionals can expose sensitive data without guardrails. We’ll break down what happened and outline a practical framework for using AI tools safely and responsibly without banning their use.
Google Workspace remains a cornerstone of modern business operations, yet common security gaps continue to lead to avoidable breaches. From weak admin role segmentation to missing conditional access policies, small misconfigurations can create outsized risk. We’ll identify the most frequent weaknesses we see, explain why they matter, and provide a prioritized remediation checklist.
Finally, MongoBleed exposed 87,000 internet-facing MongoDB databases. This wasn’t a sophisticated zero-day; it was an exposure problem. We’ll cover who’s most at risk, how to determine if you’re vulnerable, the immediate patching steps to take, and the longer-term hardening strategies that protect your data from becoming the next headline.
Read on, stay disciplined, and keep your organization Cyber(Hoot) Smart.
Craig
CEO, Co-Founder CyberHoot
Sneaky Browser Extensions Are Hijacking ChatGPT Sessions

Cybersecurity Leader Uploads Sensitive Files to AI

Common Google Workspace Security Gaps

MongoBleed: Why 87,000 Databases Had Their Front Doors Wide Open (And How to Close Yours)

Customer Spotlight
Liking CyberHoot? We need your help. Please leave us a review using the links below!
TrustPilot.com | G2.com | Capterra.com | Google.com | TrustRadius.com | Gartner.com

– K12 System Administration Reddit Thread
For more information on how to leave a CyberHoot review, please watch the brief video overviews below. Note: to avoid fraudulent reviews, each review website will require you to create and validate your identity through an email account registration process.
- How to leave a TrustPilot Review
- How to leave a G2 Review
- How to write a Capterra.com Review
- How to write a Google Review of CyberHoot
- How to leave a TrustRadius Review
- How to leave us a Gartner ‘Peer Review’ Review
CyberHoot Awarded Badges from G2

Cybersecurity Term of the Month:
Data Poisoning (Poisoning Attack)

Data poisoning is an attack in which an adversary deliberately injects malicious, misleading, or biased data into an AI model’s training, fine-tuning, or feedback pipeline to influence how the model behaves. The objective is to cause the model to produce incorrect, unsafe, biased, or attacker-controlled outputs, either broadly or under specific conditions.
Unlike prompt-based attacks, data poisoning targets the learning process itself. Once poisoned data is incorporated, the model may behave maliciously even for normal, legitimate users.
Recently Added Features
Power Platform Release Notes
- Added ability to change the number of training hours on certificates of completion.
- Added ability to view AttackPhish email for campaign with unique templates.
- Updated user edit page so synced manager is selected.
- Added notification in report setting when manager emails are disabled.
- Added username to CSV header for active and archived User Status exports.
- Updated logo link in user-related emails to redirect to assignment page.
- Added a new section to the MSP report that lists the admin accounts and last login date.
- Added open assignment count to manager dashboard and fixed table filtering issues.
- Increased generation speed of manager compliance report.
- Updated cybersecurity summary report compliance page to not include unselected data.
- Added allowance for HootPhish Challenge pages to be embedded in external sites.
- Updated logo link in quiz result emails to redirect to assignment page.
- Updated automated reports to not send to inactive admins.
Autopilot Platform Release Notes
- Added the ability to create Custom Phish templates in Autopilot CustomHoots.
- Updated email template name column to be clickable and preview template.
- Updated DMARC section in Autopilot and sales report to alert on enforcement.
- Added notification in report setting when manager emails are disabled.
- Display number of attempts in response details for user status.
- Updated Archived Users Mass Actions to Allow Unarchiving of Synced Users.
- Updated Users CSV Upload Instructions in Autopilot to Be More Prominent and Clear.
- Added Non-AttackPhish Report Forwarding Email field to AttackPhish settings.
- Added username to CSV header for Training History export.
- Updated logo link in user-related emails to redirect to assignment page.
- Added a new section to the MSP report that lists the admin accounts and last login date.
- Added the ability to edit select fields in active AttackPhish campaigns.
- Added ability to edit sync user and mass action options for phishing difficulty and language.
- Added open assignment count to manager dashboard and fixed table filtering issues.
- Increased generation speed of manager compliance report.
- Updated cybersecurity summary report compliance page to not include unselected data.
- Added ability to send welcome email preview.
- Added allowance for HootPhish Challenge pages to be embedded in external sites.
- Updated logo link in quiz result emails to redirect to assignment page.
- Updated automated reports to not send to inactive admins.
- Redesigned the public results page for power up HootPhish Challenges and added more metrics.
Check out Craig Taylor, CEO and Co-Founder of CyberHoot, Featured on Ai Experience Podcast!

New Feature Alert: AI Support ChatBot
CyberHoot’s new ChatBot Self-Service Support is now live, providing 24×7 assistance directly inside the Admin Interface and on our CyberHoot website. Located at the bottom right of your screen, this intelligent support tool helps you find answers instantly, troubleshoot issues, and access resources without waiting for an email response.
If you need additional help, you can always reach our support team at [email protected].


Enroll in CyberHoot’s Referral Program today and start earning a 20% share of all revenue generated for one year by those who register through your exclusive referral link. As a referral partner, not only will you receive financial rewards, but you’ll also experience the satisfaction of aiding others in becoming more security-conscious, safeguarding them against cyber threats. Don’t hesitate, sign up now at https://cyberhoot.com/referral-program/.
Referral through Autopilot’s Dashboard:
Join CyberHoot in our mission to create a more aware and better secured world! Recommend CyberHoot Autopilot to a friend, and they will enjoy a complimentary first month. For every new sign up who uses your referral link, you will receive a free month added to your account. This offer is exclusively for first-time CyberHoot registrants.

CyberHoot has Free Cybersecurity Training for Individuals
Know someone who had a close call recently with a cyber attack, phishing email, or social engineering phone call? Recommend CyberHoot’s free cybersecurity training. They’ll receive six (6) videos (each video is 3-4 min.) and one of our positive reinforcement, hyper-realistic phishing simulations. All for free.
Registration: https://cyberhoot.com/individuals
Looking for additional resources?
CyberHoot White Paper Download – How HootPhish Improves upon AttackPhish
All New: 2025 Infographics on Cybersecurity Statistics
Secure your business with CyberHoot Today!!!
The post CyberHoot’s Cybersecurity Newsletter: Feb. 2026 appeared first on CyberHoot.

