top of page
ALL POSTS
Hackers Exploited Meta's AI Support Bot to Compromise Instagram Accounts
Key Findings Meta's AI support assistant was exploited to hijack high-profile Instagram accounts including the Obama White House account and U.S. Space Force Chief Master Sergeant account over the weekend of May 31 Hackers used a VPN to spoof location, then tricked the AI bot into adding unauthorized email addresses to target accounts and resetting passwords The exploit bypassed two-factor authentication entirely and was defeated only by accounts with multi-factor authenticat
Jun 23 min read
Critical Langflow Vulnerability CVE-2026-33017 Sparks Rapid Exploitation Within Hours
Key Findings * Critical remote code execution vulnerability in Langflow (CVE-2026-33017) * CVSS score: 9.3 * Exploited within 20 hours of advisory publication * Allows unauthenticated remote code execution via API endpoint * Affects all Langflow versions prior to 1.8.1 * Attackers can execute arbitrary Python code with full server privileges * Observed exploitation includes credential harvesting and potential supply chain compromise Background Langflow, an open-source AI plat
Mar 212 min read
bottom of page
