Cyber Security News

Hacking Editorial Brief — June 8, 2026

Meta AI Support Tool Exploited to Compromise 20,000 Instagram Accounts

Meta disclosed that approximately 20,000 Instagram accounts were hijacked through abuse of its AI-powered account recovery support tool. The attack represents a new vector in social media platform compromise, exploiting automated customer service systems rather than traditional authentication mechanisms. The incident adds detail to yesterday's reported Meta AI Instagram breach, confirming the scope and identifying the specific AI support infrastructure that was manipulated. While Meta has not released technical details on the exploitation method, the compromise underscores risks inherent in deploying AI assistance for sensitive account recovery workflows where authorization decisions are partially automated.

Microsoft GitHub Repositories Targeted in Miasma Supply Chain Campaign

Microsoft confirmed that 73 of its GitHub repositories were compromised in the ongoing Miasma self-replicating worm campaign. The attack represents a significant supply chain threat as attackers target trusted code repositories to inject malicious dependencies that propagate through downstream users. Separately, Visual Studio Code implemented a two-hour delay on automatic extension updates as a defensive measure to limit exposure window in supply chain attacks, allowing time for malicious updates to be identified before widespread deployment. Researchers also published findings on using LLM agents to automate reconnaissance and exploitation of Salesforce sites, demonstrating increasingly sophisticated offensive use of AI tooling. The FBI and U.S. power infrastructure were identified among the most significant hacking incidents in the first half of 2026, with Iranian-linked threat actors cited in attacks on government networks.

Sources: SecurityWeek · Bleeping Computer · WIU Cybersecurity Center · The Hacker News · Digital Today