Tag

Account Hijacking

All articles tagged with #account hijacking

Hackers Exploit Meta AI to Seize Instagram Accounts
technology1 month ago

Hackers Exploit Meta AI to Seize Instagram Accounts

Meta's AI-powered support bot was reportedly exploited to change the email address linked to Instagram accounts and reset passwords without robust identity verification, enabling hijacks via VPN-based location checks and even bypassing selfie verification. Meta patched the flaw over the weekend and says it is securing affected accounts, with several high-profile hijack incidents noted.

Hackers weaponize Meta's AI assistant to seize Instagram accounts
technology1 month ago

Hackers weaponize Meta's AI assistant to seize Instagram accounts

Hackers exploited Meta's AI-powered support chatbot to hijack Instagram accounts by instructing it to switch the linked email and send a verification code, allowing them to reset passwords and lock out the real owners; the incidents included high-profile targets like Barack Obama’s White House Instagram and others, and Meta says the flaw has been patched, though researchers also reported their own accounts being compromised during the period; analysts warn that rapid AI deployment and ongoing layoffs could create security gaps.

Hackers weaponize Meta’s AI help bot to hijack high‑profile Instagram accounts
technology1 month ago

Hackers weaponize Meta’s AI help bot to hijack high‑profile Instagram accounts

Hackers used Meta's AI-powered support chatbot to hijack high-profile Instagram accounts, including Barack Obama’s White House account. They prompted a verification code to a new email and used it to reset passwords, with videos showing VPN-based location spoofing to bypass safeguards. Meta says the issue is resolved and impacted accounts are being secured, but the incident highlights risks in relying on AI for key security actions like password resets as Meta expands AI features across its apps.

"Zero-Day Hack Hits High-Profile TikTok Accounts, Including CNN"
cybersecurity2 years ago

"Zero-Day Hack Hits High-Profile TikTok Accounts, Including CNN"

TikTok is addressing a cyberattack targeting high-profile users via direct messages, with measures in place to stop the attack and restore affected accounts. The attack, described as a "potential exploit," has compromised at least two accounts, including CNN's. This incident heightens concerns over cybersecurity, especially with the upcoming presidential election, and adds to ongoing privacy issues surrounding TikTok in the US.

"GitLab Issues Urgent Patch for Zero-Click Account Hijacking Vulnerability"
technology2 years ago

"GitLab Issues Urgent Patch for Zero-Click Account Hijacking Vulnerability"

GitLab has issued security updates for its Community and Enterprise Editions to address critical vulnerabilities, including a zero-click account hijacking flaw (CVE-2023-7028) that allows attackers to take over accounts without user interaction. The flaw affects versions 16.1 to 16.7 and could lead to the compromise of proprietary code and sensitive data. Other vulnerabilities include the abuse of Slack/Mattermost integrations and bypassing CODEOWNERS approval. Users are strongly advised to update their installations as soon as possible.