logo

Threat actors compromised more than 20,000 Instagram accounts via Meta's AI support tool.

ID: 4bdf861e-3a97-551d-ab70-afac5ca06df9

STIX ID: report--4bdf861e-3a97-551d-ab70-afac5ca06df9

Feed Name: The CyberWire

Threat Score
65/100

Date Published: 2026-06-08

Date Updated: 2026-06-09

...
...

Meta confirmed a bug in its 'High Touch Support' AI tool allowed attackers to receive password reset links for over 20,000 Instagram accounts by supplying unassociated email addresses, enabling account takeovers when 2FA was not enabled; Meta has disabled the tool while fixing the issue. Separately, Meta asked a judge to hold NSO Group in contempt for alleged continued WhatsApp-targeting and social-engineering campaigns, and U.S. authorities sentenced a Nemesis Market vendor to over 26 years for trafficking drugs via the darknet marketplace.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.