Hackers exploited a "confused deputy" logic flaw in Meta's AI-powered account recovery assistant to take over hundreds of high-profile Instagram accounts, including those of the Obama White House, Sephora, and a senior Space Force official. By simply asking the chatbot to link a new email address to targeted accounts, using VPNs to spoof locations and AI-altered photos to bypass identity checks, attackers were able to reset passwords and circumvent two-factor authentication without alerting victims. Meta has since patched the vulnerability, but the incident highlights the critical risk of granting AI agents broad system access without robust authorization controls.
