Meta's AI Hacked 20K Instagram Accounts 🤖 + Ubiquiti's Perfect 10 Bug 🔌

Two stories from today's security headlines deserve your attention: a massive AI-assisted account takeover hitting everyday Instagram users, and a maximum-severity flaw in the network hardware sitting inside thousands of businesses right now.

Meta's Own AI Chatbot Handed Hackers 20,000+ Instagram Accounts

Meta has confirmed that at least 20,225 Instagram accounts were hijacked between mid-April and early June 2026, and the culprit was a bug in Meta's own AI-powered account recovery chatbot. The flaw was surprisingly simple: the chatbot never checked that the email address supplied during a password reset matched the one on file for the account. An attacker only had to put their own address into the reset request, and the bot sent the reset link straight to the attacker's inbox.

Any account without two-factor authentication (2FA) enabled was at risk. Once inside, attackers had full access to DMs, posts, contact information, and dates of birth. Meta has since disabled the chatbot and patched the bug, but the incident is a stark reminder that automating account recovery without a human safety net can backfire badly, especially when the identity checks themselves can be fooled by AI-generated media.
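To make the bug concrete, here is an added example (not Meta's code) of the reset-handler mistake the story describes, next to a fixed version. The account record, the mailer and the reset URL are constructed stand-ins.

```python
"""Added example (not Meta's code): the reset-handler mistake the story
describes, next to a fixed version. The account, the mailer and the reset URL
are constructed stand-ins."""
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class Account:
    username: str
    email: str            # address on file; the only one a reset may go to
    twofa_enabled: bool = False


# Constructed sample data: one account with no 2FA, as in the story.
ACCOUNTS = {"victim": Account("victim", "victim@example.com")}


@dataclass
class Mailer:
    """Stand-in mailer that records (recipient, subject, body) tuples."""
    sent: list = field(default_factory=list)

    def send(self, to: str, subject: str, body: str) -> None:
        self.sent.append((to, subject, body))


def _reset_link(username: str) -> str:
    # Real code would store a hash of the token with an expiry and bind it to
    # the account; a random token is enough to show the mail-routing bug.
    token = secrets.token_urlsafe(32)
    return f"https://example.test/reset?user={username}&token={token}"


def reset_vulnerable(mailer: Mailer, username: str, claimed_email: str) -> str:
    """Bug pattern: the account is looked up, but the link is mailed to
    whatever address the caller typed. Knowing the username is enough."""
    acct = ACCOUNTS.get(username)
    if acct is None:
        return "unknown user"          # also leaks which usernames exist
    mailer.send(claimed_email, "Reset your password", _reset_link(username))
    return "sent"


def reset_hardened(mailer: Mailer, username: str, claimed_email: str) -> str:
    """Fix: mail only the address already on the account, compare the claim in
    constant time, and answer identically whether or not anything was sent so
    the endpoint cannot be used to confirm usernames or addresses."""
    acct = ACCOUNTS.get(username)
    matches = acct is not None and hmac.compare_digest(
        acct.email.strip().lower().encode(), claimed_email.strip().lower().encode()
    )
    if matches:
        mailer.send(acct.email, "Reset your password", _reset_link(username))
        # With 2FA enabled, a new password alone must still not sign the
        # caller in; the reset link resets the password, not the second factor.
    return "if that account exists, a reset link has been sent"
```

The hardened handler treats the caller-supplied address purely as a claim to be checked against the record, never as a destination, and returns the same wording for a wrong address, a right address and a nonexistent user.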

What you should do: Enable 2FA on all your social media accounts today. Meta says only accounts without 2FA were exposed, so it would have stopped this attack cold.

Perfect 10 Vulnerability: Ubiquiti UniFi Gear Exposed to Unauthenticated Takeover

If your office or home network runs on Ubiquiti UniFi equipment — and a huge number do — this one needs immediate action. Security researchers at Bishop Fox discovered three vulnerabilities in UniFi OS Server, all rated CVSS 10.0, the highest possible severity score. Chained together, they allow an attacker with no credentials whatsoever to gain full root control of the device.

The chain starts with a mismatch between the web gateway and the service behind it over how a percent-encoded slash (%2f) is handled: the gateway makes its access decision on the path as submitted, while the backend decodes %2f to a real slash and routes on the result, so a request that looked harmless to the gateway lands on an endpoint it should have blocked. From there the attacker pivots into a command injection flaw in the software update service. Affected devices include Cloud Gateways, Dream Machines, UniFi Network Application Server (UNAS), and UniFi Express units. Patches are available now, as versions 5.1.12, 5.1.10, 5.1.11, and 4.0.14 depending on your device. Admins should also rotate all credentials and JWT/TLS keys on any instance that was reachable from an untrusted network, because patching does not invalidate keys or sessions that were already stolen.
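The %2f mismatch and the command-injection step, as an added toy model in Python that is not Ubiquiti's code and not the actual exploit: the route names, the update command and the version format are invented for illustration. What it shows is why a gateway that authorizes on the raw path loses to a backend that decodes it, and why the hardened version decides on the normalized path and never hands caller input to a shell.

```python
"""Added example, not Ubiquiti's code: a toy model of the two weaknesses the
story describes. A front gateway and its backend disagree on %2f, so a path
the gateway approves as public reaches an internal update route, and that
route splices a caller-controlled value into a shell command. Route names,
the command name and the version format are assumptions for illustration."""
import re
from urllib.parse import unquote

PUBLIC_PREFIX = "/api/public/"            # assumed: reachable without a session
INTERNAL_UPDATE = "/api/internal/update"  # assumed: meant to be gateway-only


def gateway_allows_vulnerable(raw_path: str) -> bool:
    """Looks safe: blocks literal traversal and requires a public prefix,
    but inspects the path before %2f has been decoded."""
    if "/../" in raw_path or raw_path.endswith("/.."):
        return False
    return raw_path.startswith(PUBLIC_PREFIX)


def backend_route(raw_path: str) -> str:
    """The backend percent-decodes (so %2f becomes '/') and collapses '..'
    before dispatching, and therefore can route to a path the gateway
    never saw."""
    parts: list[str] = []
    for seg in unquote(raw_path).split("/"):
        if seg == "..":
            if parts:
                parts.pop()
        elif seg and seg != ".":
            parts.append(seg)
    return "/" + "/".join(parts)


def gateway_allows_hardened(raw_path: str) -> bool:
    """Fix: reject encoded slashes outright, then make the decision on the
    same normalized path the backend will dispatch on."""
    if "%2f" in raw_path.lower():
        return False
    return backend_route(raw_path).startswith(PUBLIC_PREFIX)


VERSION_RE = re.compile(r"\d+\.\d+\.\d+")


def update_command_vulnerable(version: str) -> str:
    """Command injection pattern: untrusted text goes into a string that is
    handed to a shell, so '5.1.12; id' runs two commands."""
    return f"fw-update --version {version}"


def update_command_hardened(version: str) -> list[str]:
    """Fix: strict allowlist validation plus an argv list (no shell), so
    metacharacters are rejected up front and could not be interpreted anyway."""
    if not VERSION_RE.fullmatch(version):
        raise ValueError(f"rejected version string: {version!r}")
    return ["fw-update", "--version", version]


def simulate(raw_path: str, version: str, hardened: bool) -> dict:
    """Run one unauthenticated request through the toy chain and report
    what the update service would end up executing, if anything."""
    gate = gateway_allows_hardened if hardened else gateway_allows_vulnerable
    result = {"gateway_allowed": gate(raw_path), "backend_route": None, "command": None}
    if not result["gateway_allowed"]:
        return result
    route = backend_route(raw_path)
    result["backend_route"] = route
    if route == INTERNAL_UPDATE:
        build = update_command_hardened if hardened else update_command_vulnerable
        try:
            result["command"] = build(version)
        except ValueError as exc:
            result["command"] = f"rejected: {exc}"
    return result


if __name__ == "__main__":
    attack = "/api/public/..%2finternal%2fupdate"   # constructed attacker path
    print(simulate(attack, "5.1.12; id", hardened=False))
    print(simulate(attack, "5.1.12; id", hardened=True))
```

Running the module prints the vulnerable and hardened outcomes for one constructed attacker path. Note that the vulnerable gateway does block a literal `/../`; the whole point is that it checks the wrong representation of the path.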

What you should do: Update your UniFi hardware immediately, and restrict the management port (TCP 11443) to a trusted management VLAN; it should never be reachable from the internet.

Threats move fast — your defenses should too. Stay ahead with GOCO Security.
