/AI13h ago

Meta's AI chatbot allowed attackers to hijack high-profile Instagram accounts by executing email and password changes without verification

Hijacked accounts included the White House and U.S. Space Force

--0--
Original posts
AshutoshShrivastava
Reposts
gavin leech (Non-Reasoning)
Elon Musk#76
Original postElon Musk#76
AshutoshShrivastava@ai_for_success

This is disaster from Meta AI.

Imagine being able to hack high profile accounts like White House, the U.S. Space Force, and Sephora simply by chatting with a support bot.

why would an AI chatbot be allowed to perform critical actions like changing the email address of an account in the first place?

Password resets, email changes, and account recovery are some of the most sensitive security operations. Handing that authority to a chatbot without robust verification seems like a disaster waiting to happen.

This is exactly why AI agents should have guardrails before they get access to real systems.

Source : 404

9:39 PM · Jun 1, 2026 · 361.8K Views
Sentiment
Sentiment building, check back later.
Cluster Engagement
-
Views
-
Comments
-
Reposts
-
Bookmarks
Expand data
Posts from X
Most Activity
Most ActivityTimeline
RETWEETS128
kalomaze@kalomaze

i want to not overclaim but afaic this is the single worst security vulnerability in social media history, for any platform, period i don't think people are giving this the weight it deserves. it's not generically bad. the scope was ~any non-2FA accounts. as in, billions hackable

impulsive@weezerOSINT

meta gave their AI support agent the ability to modify your instagram account. no identity verification. people figured this out and accounts are being taken over right now

1dViews 105.4KLikes 1.7KBookmarks 256