Hackers took 20,225 Instagram accounts by asking nicely: attackers hijacked high-profile accounts (the Obama-era White House account, a Space Force chief, Sephora) by asking Meta's AI Support Assistant to add a new email and reset the password; a bug in a side code path skipped verifying the requester. The canonical agentic-AI-in-production failure: the chatbot had account-recovery powers and infinite patience.
Meta's bad privacy month, continued: WIRED found a dormant facial-recognition system ("NameTag") in the Meta AI app that pairs with its smart glasses (stripped within 48 hours of the report), and Reuters revealed the Model Capability Initiative was recording employee emails, chats and clipboards across 200+ apps to train agentic AI. After a 1,500-signature internal petition, employees can now pause collection… for 30 minutes at a time.
OWASP: prompt injection is "the universal joint": the 2026 State of Agentic AI Security report moved from theory to a catalog of real CVEs (the LiteLLM PyPI backdoor, a Cursor allowlist bypass, a Codex CLI sandbox flaw), with prompt injection mapping to 6 of its Top 10 agentic risks. Also this month: BadHost (CVE-2026-48710), a Starlette Host-header authorization bypass affecting vLLM, LiteLLM, FastAPI, Open WebUI and countless MCP servers. Patch, then ponder how much of the agentic stack rests on a handful of under-maintained packages.
Grok's legal pile-up: Labour MP Jess Asato filed the first UK claim against xAI over non-consensual sexualized deepfakes, and Canada's Privacy Commissioner found X/xAI violated federal privacy law (Grok's image tool at one point produced over 6,000 sexualized images per hour). This stacks on the EU's DSA proceedings and an Ofcom investigation.
Sources: 404 Media, TechCrunch, BleepingComputer, EFF, Engadget, TechSpot (MCI), OWASP report, Help Net Security, X41 advisory, Ars Technica, AWO, Privacy Commissioner, CBC