Show threadAnnual Computer Security Applications Conference3d ago
Opening the session was Wang et al.'s "The 2FA Illusion: Uncovering Weak Links of Web Account Access in the Wild" on how #2FA can fall short in practice. (https://www.acsac.org/2025/program/final/s389.html) 2/6
#MFA #AccountSecurity
N-gated Hacker NewsJun 16
🚨Breaking news: gamers learn a tough lesson as their accounts get hijacked by evil wallpaper! 🎮🖼️ Remember, folks, not all downloadable content is meant to be downloaded. Also, kudos to #Kaspersky for bravely stepping in to state the obvious. 🏆🔍
https://securelist.com/dozens-of-malicious-wallpapers-found-on-steam-workshop/120186/ #gamersbeware #accountsecurity #malware #gamingnews #cybersecurity #HackerNews #ngated
Dozens of malicious wallpapers found on Steam Workshop: gamers’ accounts at risk

Since late 2025, malware has been spreading rapidly through the Steam Workshop. In most cases, we caught old, familiar threats such as DarkKomet, the Lumma and Vidar infostealers.

Kaspersky
knoppixJun 11

This is genuinely wild.

Meta’s AI support chatbot was tricked into helping hijack Instagram accounts by processing email changes and password resets as legitimate requests. 🤯
The attack used VPN spoofing and chatbot-driven recovery flows, showing how automated support systems can become identity bypass points. 🧠

🔗 https://techcrunch.com/2026/06/01/hackers-hijacked-instagram-accounts-by-tricking-meta-ai-support-chatbot-into-granting-access/

#TechNews #Security #Instagram #Facebook #Meta #MetaAI #Cybersecurity #Hacking #Cybercrime #AI #Privacy #AccountSecurity #DataProtection #Infosec #Privacy

Hackers hijacked Instagram accounts by tricking Meta AI support chatbot into granting access | TechCrunch

Several users on social media reported having their Instagram accounts hacked over the weekend. Meta's own support chatbot was blamed for allowing hackers to hijack accounts.

TechCrunch
OffSequenceJun 8
Instagram AI support tool abused: 20,000+ accounts compromised (MEDIUM). Flaw in HTS tool let attackers reset passwords via unverified emails if 2FA was off. Meta reset affected accounts & urges enabling 2FA. No CVE. https://radar.offseq.com/threat/meta-says-20000-instagram-accounts-hacked-via-ai-t-3868e5fd #OffSeq #Infosec #AccountSecurity
knoppixJun 6

Instagram fixed a flaw that allowed attackers to hijack accounts by manipulating Meta’s AI support chatbot into adding a new email and resetting passwords. 🤖
Researchers verified the attack flow, which bypassed control of the victim’s original email and affected multiple accounts before Meta deployed a fix. 🔐

🔗 https://techcrunch.com/2026/06/01/hackers-hijacked-instagram-accounts-by-tricking-meta-ai-support-chatbot-into-granting-access/

#TechNews #Instagram #Meta #MetaAI #Cybersecurity #AccountSecurity #AI #Hackers #Privacy #Security #Authentication #SocialMedia #Tech #Cybercrime #Infosec

Hackers hijacked Instagram accounts by tricking Meta AI support chatbot into granting access | TechCrunch

Several users on social media reported having their Instagram accounts hacked over the weekend. Meta's own support chatbot was blamed for allowing hackers to hijack accounts.

TechCrunch
TechNaduJun 2

Sometimes it's "What happens when attackers learn how to manipulate the AI itself?"

Instagram has patched a vulnerability that reportedly allowed threat actors to hijack accounts by exploiting Meta's AI-powered Support Assistant. According to reports, attackers could use a VPN to appear closer to a target's location, interact with the chatbot, add a new email address to the victim's account, and ultimately gain access to password reset functionality.

What's particularly concerning is that the attack allegedly didn't require compromising the victim's actual email account. Instead, the exploit focused on abusing trust in an automated support workflow.

https://www.technadu.com/instagram-patches-meta-ai-support-assistant-hijacking-vulnerability/628836/

Do you think organizations are moving too quickly to automate sensitive support functions, or is this simply part of the learning curve for AI-powered services?

#Cybersecurity #AI #AccountSecurity #InfoSec #SocialEngineering

Show threadOsintCatJun 1

Protect yourself now:
✅ App-based 2FA — not SMS
✅ Private recovery email, not your public one
✅ Check active sessions: Settings → Security → Login Activity
✅ Save backup codes offline

Accounts WITH 2FA were not affected. Everyone else was a valid target.

#Instagram #MetaAI #CyberSecurity #AIRisk #InfoSec #AccountSecurity

OsintCatJun 1

🚨 Meta's AI support chatbot was weaponized to hijack Instagram accounts — with nothing but a username and a chat message.

Obama's White House account hit. $500K+ in rare handles stolen. 100+ accounts compromised. Exploit was live for days.

Here's the full breakdown 🧵 #CyberSecurity #Instagram #MetaAI #InfoSec #AIRisk #AccountSecurity

MattyMay 3

don't you love how secure modern web-shopping is nowadays.

a.k.a.: a fine example of why we don't repeat passwords, or usernames if it can be helped.

#password #security #cyberSecurity #accountSecurity

NERDS.xyz – Real Tech News for Real Nerds [Unofficial]May 2

OpenAI launches Advanced Account Security with YubiKey support to lock down ChatGPT accounts

https://fed.brid.gy/r/https://nerds.xyz/2026/05/openai-advanced-account-security-chatgpt/