Tuesday , July 14 2026

Hackers Use Meta’s AI Bot to Take Over Instagram Accounts

Many Instagram users lost access to their accounts because attackers tricked Meta’s AI support tools into thinking they were the real owners. Many users can’t get back in because the platform only uses AI or chatbots for help, without any human support.

On Monday, many people with valuable accounts said they suddenly couldn’t get into their accounts. They claimed their identities were checked using facial scans and they had set up safety measures like two-factor authentication (2FA).

Meta’s louisiana data center to exceed 250 billion price tag

Meta announced on Monday that its data center in Richland Parish, Louisiana, will grow to 5 gigawatts of computing power....
Read More
Meta’s louisiana data center to exceed 250 billion price tag

Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Global ransomware attacks stayed very high in the first seven months of 2026. There were 5,064 confirmed victims in 135...
Read More
Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Palo Alto Networks Addresses 13 Vulnerabilities

Palo Alto Networks shared warnings on Wednesday about over twelve security issues in its products. The new warnings include 13 security...
Read More
Palo Alto Networks Addresses 13 Vulnerabilities

Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

A critical flaw with how Dell saves BIOS passwords lets anyone quickly recover these passwords from a flash dump without...
Read More
Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

CoLoCity is proud to launch a new Data Center in Gulshan-2. It is designed to meet the growing demand for...
Read More
CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

Daily Cyber security update for 10. 07. 2026

Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
Daily Cyber security update for 10. 07. 2026

How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

A major AWS attack shows how attackers with AI can connect known cloud strategies to go from first access to...
Read More
How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

Mycelium Framework: First AI-as-a-Service Botnet

A new cybercrime ad is catching attention in the security world. It talks about a botnet that doesn't just get...
Read More
Mycelium Framework: First AI-as-a-Service Botnet

CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

CrowdStrike has shared five new ways to inject prompts, showing the rising danger to AI agents as more organizations use...
Read More
CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

A critical flaw in Google Cloud Platform’s Dialogflow CX lets attackers add harmful code to a company's AI chatbot system....
Read More
Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

Among the impacted accounts were one previously used by the Obama White House team, one belonging to app researcher Jane Manchun Wong, @hey, and @korn.

The owner of the @korn account, who noted that the band never officially claimed the account and is using another one, expressed frustration with Meta’s recovery mechanism, which had put them in a time-wasting loop.

“I spent 6 hours trying to get human support, and Meta’s support AI gave me 4 broken links in a row,” explained the user identifying as Kornel.

“We’re at the point where one AI stole it, and another can’t fix it, zero humans in the loop anywhere,” the @korn account owner said.

Some reporters say the account-hijacking attacks were not serious. The attackers chatted with Meta’s AI assistant, made it believe they were the real account owner, and fooled it into changing the email linked to the account.

The takeover begins when the hacker uses the “forgot password” option because the account is hacked. When Instagram’s AI asks the user for a selfie to verify, the hacker takes a photo from the person’s account, changes it into a video with AI, and sends it to Meta for proof.

User André says that “Meta’s AI just accepts it because it can’t tell the difference between a real selfie and an AI-generated video of someone’s face.” They also added that the takeover method bypasses 2FA protections.

“Then you try to recover your account, and you’re talking to a chatbot that has zero ability to help. You can’t escalate to a human. You’re just stuck. Your asset is gone, and there’s no one to call,” André said.

Mitigation for Users:

Meta says the certain problem is fixed, but stealing accounts is still a risk. Important steps to strengthen the account:

Switch from SMS-based 2FA to an authenticator app (Google Authenticator, Authy) or a hardware security key to eliminate SIM-swap exposure.
Use a private, unlisted email not publicly associated with your name, website, or LinkedIn profile.
Generate fresh backup recovery codes under Security Settings and store them offline in a password manager or in a physical format not in email drafts.
Audit active sessions via Settings & Privacy → Accounts Center → Password and Security → Where You’re Logged In, and terminate any unrecognized sessions.
Never click links in unexpected password reset emails from Instagram; navigate directly to the app to verify your linked contact information.

Check Also

FortiGate

CIRT identified 153 publicly exposed FortiGate devices in Bangladesh

CIRT identified 153 publicly exposed FortiGate devices in Bangladesh. In an advisory CIRT said, the …