Feed aggregator
As AI gets better, it reveals an empty promise (gift link)
Article URL: https://www.theverge.com/ai-artificial-intelligence/942629/as-ai-gets-better-it-reveals-an-empty-promise
Comments URL: https://news.ycombinator.com/item?id=48396393
Points: 2
# Comments: 0
Best Smart Sprinklers for 2026: Irrigation the Easy Way
LLM memory systems benchmark: high recall near-zero precision for tested systems
Article URL: https://arxiv.org/abs/2605.11325
Comments URL: https://news.ycombinator.com/item?id=48396376
Points: 2
# Comments: 0
NanoClaw founder on OpenClaw's 800k lines of code, sloppiness and poor security
Article URL: https://thenewstack.io/nanoclaw-openclaw-agent-security/
Comments URL: https://news.ycombinator.com/item?id=48396375
Points: 1
# Comments: 0
X: Inauthentic Behaviors
Article URL: https://help.x.com/en/rules-and-policies/authenticity
Comments URL: https://news.ycombinator.com/item?id=48396361
Points: 1
# Comments: 1
Latency Numbers Every Programmer Should Know
Article URL: https://colin-scott.github.io/personal_website/research/interactive_latency.html
Comments URL: https://news.ycombinator.com/item?id=48396189
Points: 1
# Comments: 0
Root access for Harmony Hubs and local web management
Article URL: https://github.com/Ripthulhu/harmony-hub-root
Comments URL: https://news.ycombinator.com/item?id=48396168
Points: 1
# Comments: 1
Digital Independence: EU Plans Strict Access to State IT Structures
Article URL: https://www.heise.de/en/news/Digital-Independence-EU-Plans-Strict-Access-to-State-IT-Structures-11317486.html
Comments URL: https://news.ycombinator.com/item?id=48396137
Points: 3
# Comments: 0
AI enthusiasts are in a race against time, AI skeptics in a race against entropy
Article URL: https://charitydotwtf.substack.com/p/ai-enthusiasts-are-in-a-race-against
Comments URL: https://news.ycombinator.com/item?id=48396118
Points: 2
# Comments: 0
Coreutils for Windows Overview – Microsoft Learn
Article URL: https://learn.microsoft.com/en-us/windows/core-utils/overview
Comments URL: https://news.ycombinator.com/item?id=48396114
Points: 1
# Comments: 1
Grep this: Microsoft grafts (most) Linux commands onto Windows
StereoTales: Multilingual Open-Ended Stereotype Discovery in LLMs
Article URL: https://research.giskard.ai/blog/stereotales/
Comments URL: https://news.ycombinator.com/item?id=48396096
Points: 1
# Comments: 0
Meta’s AI support bot happily handed Instagram accounts to hackers
Customer service chatbots have one job: get the user what they’re asking for without bothering a human. Meta’s new AI support assistant took that brief a little too seriously. Over the past few months, attackers have been opening support chats, telling the bot they were locked out of Instagram accounts they didn’t own, and walking away with the keys.
Over the weekend, Meta pushed an emergency patch after Instagram accounts belonging to the Obama White House (now dormant), beauty retailer Sephora, and a senior US Space Force official were taken over and briefly defaced with pro-Iranian imagery. Security researcher and former Meta employee Jane Manchun Wong was also hit.
How the trick worked
The attack was simple. Attackers worked out where the account owner lived (there are lists of account owners’ home cities online, or they could just research the target). Then they used a VPN to match the target account’s geographic region, which avoided raising flags with Instagram’s security systems.
Then they started a normal password reset and opened the support chat. They asked the AI bot providing support to change the email address on the account, and it did exactly that, sending a one-time code straight to the attacker’s inbox.
To do this, the chatbot appears to have been wired into Meta’s account management systems with permission to make account changes, but without being taught how to verify it was talking to the real account owner. Security people have a name for that: “confused deputy.” The term has been around since the 1980s.
In fairness to the confused bot, attackers were successful even if the enhanced security was triggered. They would apparently create video deepfakes of their targets using images that were harvested from—you guessed it—Instagram.
Meta hoisted on its own AI petard
Meta has been shedding headcount and pouring money into AI, and rolled out its AI-powered support assistant earlier this year to help handle account recovery and other support requests.
The downside is that the AI appears to have been given the ability to perform actions such as email changes and password resets without applying enough safeguards to confirm the user’s identity first.
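The confused-deputy failure described above, as an added example (not Meta's code and not part of the original article): a support-bot tool dispatcher that acts on whatever account the conversation names, next to one that authorizes against the verified session. `Session`, both dispatchers and the account store are hypothetical names constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

# Constructed account store for the example.
ACCOUNTS = {"alice": {"email": "alice@example.com"}}
SENSITIVE_TOOLS = {"change_email", "reset_password"}

@dataclass
class Session:
    """Facts the platform verified itself, independent of anything said in chat."""
    authenticated_user: Optional[str] = None  # set only by a completed login
    step_up_passed: bool = False              # e.g. an MFA challenge succeeded
    audit: list = field(default_factory=list)

def change_email(account: str, new_email: str) -> None:
    ACCOUNTS[account]["email"] = new_email

def dispatch_vulnerable(session: Session, tool: str, args: dict) -> str:
    """Confused deputy: uses the bot's own privileges on whatever account
    the conversation (and therefore the model's tool call) names."""
    if tool == "change_email":
        change_email(args["account"], args["new_email"])
        return "ok"
    return "unknown tool"

def dispatch_hardened(session: Session, tool: str, args: dict) -> str:
    """Authorize every sensitive call against the session, not model output."""
    target = args.get("account")
    if tool in SENSITIVE_TOOLS:
        if session.authenticated_user is None or session.authenticated_user != target:
            session.audit.append(("denied", tool, target, "caller is not the owner"))
            return "denied: route to verified recovery flow"
        if not session.step_up_passed:
            session.audit.append(("denied", tool, target, "step-up missing"))
            return "denied: step-up authentication required"
    if tool == "change_email":
        change_email(target, args["new_email"])
        session.audit.append(("allowed", tool, target))
        return "ok"
    return "unknown tool"

if __name__ == "__main__":
    call = {"account": "alice", "new_email": "someone-else@example.net"}
    print(dispatch_hardened(Session(), "change_email", call))    # denied
    print(dispatch_vulnerable(Session(), "change_email", call))  # ok
```

The authorization decision lives in the dispatcher, outside the model, so no wording in the chat can change it; the audit entries give detection a record of every refused sensitive call.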
Meta communications executive Andy Stone said on X that the issue was resolved and impacted accounts were being secured. The company has not disclosed how many accounts were affected.
What actually worked
Why would anyone want to hack an Instagram account anyway? Revenge can be a driver, but more often than not, financial gain is the goal. Hijackers have blackmailed businesses that rely on those accounts for marketing.
Attackers using this technique have also been spotted targeting “OG” accounts with short or highly desirable usernames. If you joined Instagram early and registered a memorable handle, it can be worth thousands of dollars on underground markets.
What can you do to protect yourself?
A perennial piece of advice still holds: turn on multi-factor authentication (MFA). According to veteran cybersecurity reporter Brian Krebs, the attack failed against accounts that had MFA enabled, including those using SMS codes.
That doesn’t make MFA perfect, but it adds an important layer of protection.
So the practical advice is unglamorous:
- Open Instagram’s Settings
- Navigate to your Meta Accounts Center
- Turn on Two-factor authentication. An authenticator app is better than SMS, but either is better than nothing.
Do it now, because this might not yet be over. TheCyberSecGuru reports that another attack is circulating, this time using an Android emulator called BlueStacks running a modified version of Instagram to send new prompts with hidden characters designed to manipulate the AI.
Expect more snafus from “helpful” bots
This won’t be the last attack against AI chatbots. As more companies use AI to reduce customer support costs, their attack surface will grow, and they’ll make plenty of mistakes as they try to balance security and functionality.
The Meta exploit is patched, but the confused deputy concept is not. And there’s nothing quite as damaging as a confused AI with the keys to your digital life.
XLclick Add-In
Article URL: https://xlclick.com/
Comments URL: https://news.ycombinator.com/item?id=48396076
Points: 1
# Comments: 0
Train your own LLM? Here's what happens
Article URL: https://www.exasol.com/blog/train-your-own-llm/
Comments URL: https://news.ycombinator.com/item?id=48396068
Points: 3
# Comments: 0
2026 World Cup Predictions
Article URL: https://www.natesilver.net/p/world-cup-2026-odds-predictions
Comments URL: https://news.ycombinator.com/item?id=48396052
Points: 3
# Comments: 0
Nvidia – The Coming Short Squeeze?
Article URL: https://www.linkshort.app/r/pagea.uk/nvidia-stock-thesis
Comments URL: https://news.ycombinator.com/item?id=48396034
Points: 1
# Comments: 1
The Russian "Max" messaging app has suddenly disappeared from the App Store
Article URL: https://komersant.ua/en/rosiiany-skarzhatsia-shcho-z-app-store-raptovo-znyk-mesendzher-maks/
Comments URL: https://news.ycombinator.com/item?id=48396024
Points: 1
# Comments: 0
Show HN: Uruky (EU-based Kagi alternative) now has Image Search and URL Rewrites
You can get a 2h free trial by solving a proof-of-work captcha when topping up your account for the first time.
If you'd like to learn more, an independent interview was posted a couple of weeks ago [1], and the FAQ [2] has a lot of information as well.
For the source code sharing, we've talked with lawyers and are inclined to no longer require the NDA/NCC for privacy reasons shared with us before (signing requires identification), but instead use a source-available permissive license that doesn't allow competition, like PolyForm Shield [3] (we do still have about 6 months before finalising a decision, here).
This does come with a lot more risks for us (it's harder to track down if someone publishes the code or uses it against the license), but given we've already passed 100 monthly active accounts, we're feeling more confident it's an acceptable risk.
The plan is to give logged in accounts (who are 12 months old or more) a way to download a ZIP of the current code base that's in the server.
Obviously there's no easy way to prove that's the case, but we're open to ideas/suggestions if someone here has them.
[1]: https://theprivacydad.com/interview-with-the-engineer-of-uru...
[3]: https://polyformproject.org/licenses/shield/1.0.0
Comments URL: https://news.ycombinator.com/item?id=48396004
Points: 2
# Comments: 0
What if heterogenous agents could talk to each other?
Article URL: https://github.com/prassanna-ravishankar/repowire
Comments URL: https://news.ycombinator.com/item?id=48395997
Points: 1
# Comments: 1
