<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Account-Takeover on ZX Cloud Security</title><link>https://zxcloudsecurity.co.uk/tags/account-takeover/</link><description>Recent content in Account-Takeover on ZX Cloud Security</description><generator>Hugo</generator><language>en-GB</language><lastBuildDate>Thu, 04 Jun 2026 11:04:09 +0000</lastBuildDate><atom:link href="https://zxcloudsecurity.co.uk/tags/account-takeover/index.xml" rel="self" type="application/rss+xml"/><item><title>Meta AI Chatbot Exploited for Instagram Account Takeover</title><link>https://zxcloudsecurity.co.uk/posts/meta-ai-chatbot-instagram-account-takeover-exploit/</link><pubDate>Thu, 04 Jun 2026 11:04:09 +0000</pubDate><guid>https://zxcloudsecurity.co.uk/posts/meta-ai-chatbot-instagram-account-takeover-exploit/</guid><description>Attackers are hijacking Instagram accounts by manipulating Meta&amp;#39;s AI support chatbot into resetting passwords. Learn the attack chain and mitigation steps.</description><content:encoded><![CDATA[<p>🟠 <strong>High</strong>  |  <strong>Source:</strong> <a href="https://www.schneier.com/blog/archives/2026/06/hacking-metas-ai-chatbot.html">Schneier on Security</a></p>
<hr>
<p>Attackers are exploiting Meta&rsquo;s AI support chatbot to hijack Instagram accounts by tricking the bot into adding a hacker-controlled email address and issuing a password reset. The attack requires no prior account access and bypasses Instagram&rsquo;s automated protections using a VPN to spoof the victim&rsquo;s location. This demonstrates a critical flaw in how AI-powered support systems validate identity before performing sensitive account actions.</p>
<blockquote>
<p><strong>Architect&rsquo;s Take:</strong> Organisations deploying AI chatbots for customer support or account management must enforce out-of-band identity verification for any privileged actions — such as adding credentials or triggering resets — and ensure the AI cannot be the sole authorisation path for account-takeover-enabling operations. Review your own AI assistant integrations for similar trust-boundary weaknesses where bot-initiated actions bypass human or MFA controls.</p>
</blockquote>
<p><strong>Original advisory:</strong> <a href="https://www.schneier.com/blog/archives/2026/06/hacking-metas-ai-chatbot.html">Hacking Meta’s AI Chatbot</a></p>
]]></content:encoded></item><item><title>Meta AI Chatbot Exploited to Hijack Instagram Accounts</title><link>https://zxcloudsecurity.co.uk/posts/meta-ai-chatbot-instagram-account-takeover/</link><pubDate>Thu, 04 Jun 2026 11:04:09 +0000</pubDate><guid>https://zxcloudsecurity.co.uk/posts/meta-ai-chatbot-instagram-account-takeover/</guid><description>Hackers are abusing Meta&amp;#39;s AI support chatbot to take over Instagram accounts via social engineering. Learn what this means for AI trust boundaries.</description><content:encoded><![CDATA[<p>🟠 <strong>High</strong>  |  <strong>Source:</strong> <a href="https://www.schneier.com/blog/archives/2026/06/hacking-metas-ai-chatbot.html">Schneier on Security</a></p>
<hr>
<p>Attackers are exploiting Meta&rsquo;s AI support chatbot to hijack Instagram accounts by social-engineering the bot into adding a hacker-controlled email address and triggering a password reset. The attack requires no technical vulnerability in the traditional sense — the AI simply complies with the request after a verification code exchange. This highlights a significant trust and authorisation flaw in how Meta&rsquo;s AI assistant handles account management actions on behalf of unauthenticated parties.</p>
<blockquote>
<p><strong>Architect&rsquo;s Take:</strong> Treat AI-powered support agents as a privileged access vector and apply the same controls you would to any account recovery flow — ensure they cannot perform account modifications without verified, out-of-band identity confirmation tied to the existing account owner, not the requester.</p>
</blockquote>
<p><strong>Original advisory:</strong> <a href="https://www.schneier.com/blog/archives/2026/06/hacking-metas-ai-chatbot.html">Hacking Meta’s AI Chatbot</a></p>
]]></content:encoded></item><item><title>DoJ Freezes $3.8M in Southeast Asia Crypto Fraud Bust</title><link>https://zxcloudsecurity.co.uk/posts/doj-disrupts-southeast-asia-crypto-fraud-networks-freezes-assets/</link><pubDate>Thu, 04 Jun 2026 06:06:25 +0000</pubDate><guid>https://zxcloudsecurity.co.uk/posts/doj-disrupts-southeast-asia-crypto-fraud-networks-freezes-assets/</guid><description>US DoJ&amp;#39;s Disruption Week takedown targets Southeast Asian crypto fraud networks, freezing $3.8M and removing millions of fraudulent accounts.</description><content:encoded><![CDATA[<p>🟡 <strong>Medium</strong>  |  <strong>Source:</strong> <a href="https://thehackernews.com/2026/06/doj-disrupts-southeast-asia-crypto.html">The Hacker News</a></p>
<hr>
<p>The US Department of Justice ran a coordinated &lsquo;Disruption Week&rsquo; operation from May 2026 targeting Southeast Asian criminal networks running cryptocurrency and cyber-enabled fraud schemes against American victims. The action involved both government agencies and private sector partners, resulting in the takedown of millions of fraudulent social media, email, and internet accounts, and the freezing of $3.8 million in assets. These operations are typically linked to pig butchering and romance scam networks, which increasingly exploit cloud-hosted infrastructure and social engineering at scale.</p>
<blockquote>
<p><strong>Architect&rsquo;s Take:</strong> Review your organisation&rsquo;s cloud egress controls and user awareness posture around unsolicited crypto investment opportunities, as these networks actively target employees and high-value individuals. Consider integrating threat intelligence feeds covering known fraud infrastructure into your SIEM to detect communications with associated domains and IPs.</p>
</blockquote>
<p><strong>Original advisory:</strong> <a href="https://thehackernews.com/2026/06/doj-disrupts-southeast-asia-crypto.html">DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets</a></p>
]]></content:encoded></item></channel></rss>