A critical vulnerability in Meta's AI-powered support chatbot has been exploited by attackers to hijack Instagram accounts without requiring access to the victims' email inboxes. The flaw, which was recently patched by Instagram, allowed attackers to reset account passwords and gain unauthorized access. Several high-profile accounts were affected, with security researcher Jane Wong and other users reporting the issue. The vulnerability was abused by attackers to take control of multiple accounts, highlighting the security risks associated with AI-powered support systems. The fact that attackers could exploit this flaw without needing to access the victims' email inboxes makes it particularly concerning1. This incident matters to security practitioners because it underscores the importance of thoroughly testing and securing AI-powered support systems to prevent similar attacks in the future.
Instagram Account Hijacks Expose the Security Risks of AI-Powered Support
⚠️ Critical Alert
Why This Matters
“Instagram has resolved a security issue that allowed several users’ accounts to
References
- SecurityAffairs. (2026, June 2). Instagram Account Hijacks Expose the Security Risks of AI-Powered Support. SecurityAffairs. https://securityaffairs.com/193034/hacking/instagram-account-hijacks-expose-the-security-risks-of-ai-powered-support.html
Original Source
SecurityAffairs
Read original →