Meta’s AI support chatbot proved unusually helpful to hackers looking to steal and resell notable Instagram accounts—the hackers simply asking the bot to change the accounts’ associated email addresses while using VPN to mask their true locations.

Videos featuring the “shockingly easy” exploit have been circulating among Telegram groups for hackers and security researchers, according to 404 Media. The exploit allowed hackers to take over and flip valuable Instagram accounts worth hundreds of thousands of dollars on the gray market before Meta implemented an emergency patch on May 29. The Barack Obama White House account and the Chief Master Sergeant of Space Force’s account also posted pro-Iranian images and messages while they were temporarily compromised.

Attackers simply had to use a VPN to approximately match their location to the target Instagram account’s region, begin a password reset process, and then ask Meta’s AI support chatbot to change the email address associated with the account, according to 404 Media. It’s a very straightforward prompt injection attack.

Read full article

Comments

© Marcin Golba/NurPhoto via Getty Images

Meta’s AI support chatbot proved unusually helpful to hackers looking to steal and resell notable Instagram accounts—the hackers simply asking the bot to change the accounts’ associated email addresses while using VPN to mask their true locations.

Videos featuring the “shockingly easy” exploit have been circulating among Telegram groups for hackers and security researchers, according to 404 Media. The exploit allowed hackers to take over and flip valuable Instagram accounts worth hundreds of thousands of dollars on the gray market before Meta implemented an emergency patch on May 29. The Barack Obama White House account and the Chief Master Sergeant of Space Force’s account also posted pro-Iranian images and messages while they were temporarily compromised.

Attackers simply had to use a VPN to approximately match their location to the target Instagram account’s region, begin a password reset process, and then ask Meta’s AI support chatbot to change the email address associated with the account, according to 404 Media. It’s a very straightforward prompt injection attack.

Read full article

Comments

© Marcin Golba/NurPhoto via Getty Images

Meta says it's working on securing accounts that were affected by a hack.

Meta says it's working on securing accounts that were affected by a hack.

Meta's AI support chatbot helped hackers hijack Instagram accounts, as reported earlier by 404 Media. In a video shared on Telegram, a hacker shows how they could take over an account by asking Meta's chatbot to switch the email associated with someone else's profile and then reset the password.

The issue, which Meta says has since been patched, cropped up around the same time Barack Obama's White House account on Instagram was hacked. On Sunday, users noticed that the @obamawhitehouse account began posting images containing Iranian propaganda. Hackers appeared to have hijacked the Instagram accounts belonging to the US Space Force Chief Ma …

Read the full story at The Verge.

The company is also expanding its teen account detection systems to Facebook.

The company is also expanding its teen account detection systems to Facebook.

Meta Platforms reportedly acknowledged its controversial employee surveillance programme captures data from employees outside the US, raising fresh legal questions in Europe.

Reuters reported internal documentation it reviewed showed the company’s Model Capability Initiative (MCI) does capture data outside of the US.

MCI was introduced last month as a tool to record how US-based employees interact with their work computers by tracking mouse movements, clicks and navigation patterns across more than 200 apps and websites.

The goal of MCI is to use the employee-generated data to train AI agents capable of performing coding and white-collar tasks.

Meta told staff the programme is confined to US devices and stated safeguards are in place to protect sensitive information.

The news agency noted Meta acknowledged in a question-and-answer document provided to employees MCI will capture the contents of any emails or direct messages sent to US personnel, regardless of the sender’s ⁠location.

Meta spokesperson Dave Arnold told Reuters the company notified non-US employees the tool was running on the machines of US-based colleagues they might correspond with, describing the step as one of transparency.

A representative for Meta told Mobile World Live: “We’ve been clear that this tool is for US-based personnel only, and in the interest of transparency, we notified non-US employees that it was deployed on the computers of US colleagues they may email or chat with in the normal course of business.”

“We carefully considered and mitigated potential privacy risks in both the development and deployment of this tool, and we are committed to complying with applicable laws and regulations.” 

New regulatory exposure
Reuters stated the disclosure introduces new regulatory exposure in Europe, where technology companies are already fighting a series of heated legal battles over data collection.

Under the EU’s GDPR rules, the news site explained companies must establish a clear legal basis for processing personal data, disclose what is being collected and satisfy strict conditions around sensitive categories of information.

Kleanthi Sardeli, a legal expert at privacy advocacy group NOYB, told the news site even limited or incidental capture of EU employee data could put Meta in breach of GDPR rules.

A key question, she said, is whether data originally gathered for work communications can lawfully be repurposed to train an AI model.

The post Meta tracking tool raises EU GDPR concerns appeared first on Mobile World Live.

Sarah Wynn-Williams did not speak during event after lawyers warned of possible sanctions from tech firm

Facebook whistleblower Sarah Wynn-Williams was forced to sit in silence on stage at an event at Hay festival, after lawyers advised her not to speak because of ongoing legal action brought by Meta.

Wynn-Williams, whose bestselling memoir, Careless People, details her years working at Facebook, was due to appear in conversation with the investigative journalist Carole Cadwalladr and academic Tim Wu.

Continue reading...

© Photograph: Sam Hardwick

© Photograph: Sam Hardwick

© Photograph: Sam Hardwick

We’ve already seen AI go rogue on numerous occasions. Now, new research suggests that we can expect this to become the norm.

The AI research nonprofit Model Evaluation and Threat Research (METR) recently released a study conducted between February and March of this year, aimed at determining just how likely frontier AI models could go rogue. If you’re given to anxiety about the future of AI, the results are unlikely to make you feel better.

“Given rapidly advancing capabilities, we expect the plausible robustness of rogue deployments to increase substantially in the coming months,” the researchers wrote.

The research examined LLMs developed by OpenAI, Google, Anthropic, and Meta for the purpose of the study. They found that frontier AI systems are showing signs of disturbingly deceptive behavior as they become more advanced, often turned to verboten shortcuts or otherwise subverting their operators’ instructions — and some were even smart enough to try to cover their tracks.

In one instance, an internal frontier AI model from OpenAI was told to use specific software for an assigned task. Not only did the agent ignore the request, but it also injected a code to erase evidence of how it arrived at its conclusion — which did not involve use of that software.

In another test, an AI agent from Anthropic was caught “reward hacking.” This is when AI identifies loopholes that help it complete its assignment in a literal sense, even if it doesn’t produce the desired outcome. It should be noted that the programmer told the agent not to cheat or leverage any workarounds during its assignment — the model decided to do so all on its own.

The METR researchers behind the study do not believe there is reason for alarm just yet. For example, they don’t think any of these models is capable of hiding evidence of going rogue on a larger scale. However, they did issue a warning: without stronger security and monitoring, there is a stark risk of this becoming a reality.

“Based on this pilot assessment, we believe that agents as of February and March 2026 would not have had sufficient capability to hide a rogue deployment of significant scale against an active investigation by the company, or to make such a deployment robust to a high-priority effort by the company to shut it down,” the team wrote. “However, this risk could increase rapidly, and we see several reasons to expect the plausible robustness of rogue deployments to increase in the near future, absent stronger alignment, security, and monitoring.”

More on AI going rogue: Scientists Train AI to Be Evil, Find They Can’t Reverse It

The post Top AI Models Showing Disturbing Behavior as They Become More Advanced appeared first on Futurism.

European law requires large platforms to offer alternative feeds.

The Kentucky school district that filed a social media addiction lawsuit against Meta and other companies is getting $27 million in settlement.

Also: The latest on iOS 27, iOS 28, new Apple TV and HomePod mini.

Meta Platforms prepared to test paid plans for its AI services and expand availability of subscriptions for WhatsApp, Instagram and Facebook, as the technology giant looks to diversify revenue streams during a period of heavy spending.

Naomi Gleit, Meta’s head of product, explained in an Instagram video the company is “starting to roll out Facebook Plus, Instagram Plus and WhatsApp Plus with enhanced features”.

She added users accessing Meta AI will be given “more to work with, more capacity, bigger, more complex requests, and more room to create for businesses and creators”.

Bloomberg reported the social media giant will trial two consumer AI subscription tiers from next month in Singapore, Guatemala and Bolivia, while retaining a free version of the Meta AI app and website.

Meta One Plus will apparently cost $7.99 a month and target users who regularly generate AI images and videos or make heavy use of reasoning features, while Meta One Premium will be around $20 and offer the same tools but with higher usage limits.

Specific products for businesses and creators, Meta One Essential and Meta One Advanced, are also set to be offered.

WhatsApp, Instagram and Facebook offerings will be priced at around $2.99 to $3.99 a month depending on the market, Bloomberg reported. Users paying for Meta AI will gain access to those app-specific benefits.

“We’re offering premium tools that allow you to enhance presence, supercharge content, automate tasks and protect your brand” Gleit said, adding “eventually we see Meta One as the one place that brings our subscriptions together across all of our apps”.

The trials are Meta’s first attempt to charge consumers for AI features. Rivals OpenAI and Google already offer paid chatbot subscriptions.

Its move to generate subscription revenue comes during an aggressive AI investment drive.

Meta is pumping more than $10 billion into building a massive data centre campus in the US state of Indiana. Last month, the company also raised its capex forecast for 2026 to between $125 billion and $145 billion to fund AI infrastructure plans.

The post Meta adds paid tier for social media apps, eyes AI revenue appeared first on Mobile World Live.

Jay Morris denies experts’ claims that he violated ethics rules over land deals near the site of Meta’s Hyperion datacenter

This story is from Floodlight, a non-profit newsroom that investigates the powers stalling climate action

For more than two years, John “Jay” Morris, a Louisiana state senator, helped pave the way for Meta to build one of the world’s largest datacenters, called Hyperion, in Richland Parish.

Continue reading...

© Photograph: Jay Marcano/Gulf States Newsroom

© Photograph: Jay Marcano/Gulf States Newsroom

© Photograph: Jay Marcano/Gulf States Newsroom

The Texas Attorney General has sued Meta over allegations that the company’s WhatsApp messenger, used by more than 3 billion people, doesn’t provide the end-to-end encryption (E2EE) it has long claimed.

Since at least 2016, Meta (then named Facebook) has said WhatsApp provides robust end-to-end encryption, meaning that messages are encrypted on a sender’s device with keys that are available only to the receiver's. By definition, E2EE means that no one else—including the platform itself—can read the plaintext messages.

In sworn testimony before two US Senate committees in 2018, CEO Mark Zuckerberg said Meta does “not see any of the content in WhatsApp; it is fully encrypted” and that “Facebook systems do not see the content of messages being transferred over WhatsApp.” The engine for this E2EE is the Signal protocol, an open source code base that multiple third-party experts have said lives up to its promises.

Read full article

Comments

© Getty Images

European law requires large platforms to offer alternative feeds.