Meta’s AI Support Bot Helps Hackers Hijack High‑Profile Instagram Accounts

Over the weekend, hackers seized dozens of Instagram accounts, including those of former President Barack Obama, Sephora and a U.S. Space Force sergeant, by exploiting Meta’s AI‑driven customer‑support chatbot. The bot accepted password‑reset requests without proper verification, sent reset codes to the attackers’ email, and then displayed a “Reset Password” button that let the hackers take control. The vulnerability, which bypassed accounts lacking multifactor authentication, has since been patched, and Meta says it is working to secure compromised accounts. Lire la suite