Attackers used Meta’s automated Instagram support assistant to take over accounts, including the Obama White House account and the U.S. Space Force chief master sergeant account, and briefly deface them with pro-Iran messages. According to KrebsOnSecurity and Telegram posts cited in the report, the abuse involved the password-recovery flow: attackers asked the AI bot to add a new email address to a target account, then used the one-time code sent there to reset the password. No CVE is given, Meta reportedly pushed an emergency patch, and accounts with multi-factor authentication enabled were said to resist the takeover.
Eduard Kovacs
2026.06.08
98% relevant
This is the same underlying event: abuse of Meta’s AI-powered Instagram account recovery/support workflow to reset passwords and hijack accounts. It adds Meta’s disclosure that 20,225 accounts were potentially affected, the discovery date (May 31), a precise explanation of the email-verification bug in the High Touch Support tool, and remediation steps including disabling the tool, invalidating reset links, and forcing security checkpoints.
Sergiu Gatlan
2026.06.08
99% relevant
This is the same underlying event: abuse of Meta's High Touch Support AI-assisted Instagram recovery flow to issue password reset links and hijack accounts. The article adds Meta's breach disclosure, an estimated impact of over 20,000 stolen accounts, timeline details including discovery on May 31 and breach activity dating to April 17, and Meta's response steps such as disabling HTS, invalidating reset links, and requiring account re-authentication.
Bruce Schneier
2026.06.04
98% relevant
This is the same underlying event: attackers abused Meta’s Instagram AI support assistant to add attacker-controlled email addresses, receive verification codes, and trigger password resets for victim accounts; this source adds that Meta spokesperson Andy Stone said the issue was fixed.
Bill Toulas
2026.06.02
99% relevant
This is the same underlying event: attackers abused Meta’s AI-powered Instagram support and recovery process to change account email addresses, bypass recovery safeguards including selfie verification and reportedly 2FA, and hijack high-value accounts such as the Obama White House account. This source adds reporting on victims being trapped in AI-only recovery loops, claims that AI-generated animated selfies were accepted for identity checks, and Meta communications VP Andy Stone’s statement that the issue was resolved and impacted accounts were being secured.
Ionut Arghire
2026.06.02
99% relevant
This article covers the same underlying event and adds specifics on the attack path: a confused-deputy logic flaw in Meta’s AI-powered recovery assistant let attackers relink victim accounts to new email addresses, use VPNs to mimic victims’ locations, sometimes submit AI-modified selfies, and then reset passwords without effective 2FA blocking. It also says Meta has now fixed the issue.
BrianKrebs
2026.06.01
100% relevant
This article appears to be the first concrete report tying a specific Meta AI support-bot recovery flaw to real Instagram account hijackings and visible defacements.