this week in security — june 7 2026 edition
THIS WEEK, TL;DR
Meta says 20,000+ users had their Instagram accounts hacked by abusing its AI chatbot
404 Media ($): For months, hackers have been abusing Meta's AI chatbot to gain access to people's Instagram accounts simply by asking. The bug allowed hackers to ask the chatbot to send a verification code to an email address controlled by the hacker, rather than the email address on file. This was a horrendous security flaw. The bug gained mainstream attention this week after hackers hijacked several high-profile accounts, including some hijacked during the week even after Meta said it fixed the bug. On Friday, Meta disclosed to Maine's attorney general's office that 20,000+ people had their accounts hacked since mid-April. The company said — with a straight face — that its chatbot "functioned as intended"(!!) but conceded that it still led to account hacks. Incredible that Meta holds so much data and yet couldn't notice literally months of account hacks right under its nose. That might be related to the massive layoffs at the company of late.
More: Krebs on Security | Forbes ($) | WSJ ($) | this week in security | @joemenn | @wongmjane

Hackers stole encrypted Dashlane password vaults by brute-forcing its two-factor
Ars Technica: Password manager maker Dashlane confirmed about 20 people had their accounts compromised and their encrypted password vaults stolen after hackers brute-forced the company's two-factor authentication system. It's unclear why the 20-or-so Dashlane customers were targeted, whether because of who they are or what they do. The hackers still need the victim's master password to get access to the encrypted password vault data inside, but that entirely depends on the strength of the master password itself. A similar incident befell LastPass some years ago after one of its engineers was hacked via infostealing malware, and victims are still suffering the consequences years later by way of stolen crypto.
More: Ars Technica | Dashlane | SecurityWeek | TechCrunch ($) | Michael Harley | @zackwhittaker
Health wearable maker Ultrahuman says hackers took customers' health data
TechCrunch ($): Wearable health ring maker Ultrahuman says hackers broke in and stole some customers' wellness data after grabbing sensitive credentials from an employee's laptop, likely through the use of infostealing malware. The Indian startup is a major competitor to the Oura ring, and we all know how Oura stores customers' data (read: ooof) — and Ultrahuman's setup is similar — so this kind of breach was entirely possible because customers' health data isn't protected with encryption keys stored on the user's own devices. The company told @journalistjagmeet that some 0.1% of customers had sensitive data stolen, but that still equates to 700 people at least. Ultrahuman has more in its data breach notice — though you might not have seen it, since the company is currently hiding the page from search engines using a "noindex" tag.
More: Ultrahuman | California AG | The Verge | MakeUseOf | SC Media
~ ~
~this week in security~ is my weekly cybersecurity newsletter supported by readers like you. Please consider signing up for a paying subscription starting at $10/month for access to exclusive articles, analysis, and more.
Or, you can submit a one-time tip to show your support!
~ ~
THE STUFF YOU MIGHT'VE MISSED
Flux.ai sent threatening legal letter to Adafruit
Adafruit Industries: Adafruit, the makers of open-source gadgetry, said on its blog this week that it received a legal demand letter from Flux.ai, claiming a violation of U.S. hacking laws. Adafruit says its report concerns a matter of "public security interest." It seems to suggest maybe a bug was discovered, and now Flux.ai doesn't like it. Whatever's going on here is worth keeping an eye on, as it looks like another case of litigation threats aimed at the security research community rather than a company dealing with its own problem. More on Hacker News and Reddit for… some unbridled opinions.
Developer sneaks data-nuking prompt injection into source code
Ars Technica: The developer of Java testing software jqwik controversially slipped a prompt injection into its source code, all but guaranteeing that any AI on the machine would not be able to use any jqwik project or code. jqwik's developer might be protesting the rise of big AI, but that's one way to guarantee nobody will trust your code again.
A virtual walking tour of surveillance in Seattle
Coveillance: The technologists at Coveillance have a blog of a walking tour through downtown Seattle showing all of the various surveillance equipment in public view, from cameras to license plate readers and more. This is a great way to visualize how we are spied on in public spaces — and what to look out for. Enjoy the light breeze and gentle warmth of the sun on your face as you're spied on from all angles.
Police haven't caught thief who used Waymo robotaxi as a getaway car
San Francisco Chronicle ($): Police in San Francisco are still on the hunt for a burglar who used an autonomous Waymo robotaxi as a getaway car. Not the smartest move, given that these cars are absolutely rammed full of cameras and sensors. But the police also didn't help matters by taking some four months to file for a search warrant, by which point Waymo had already deleted the internal camera data.
Comodo ignores denial-of-service bug in its anti-malware engine
MalwareTech: Marcus Hutchins found a bug in Comodo's Internet Security anti-malware engine, which can remotely trigger a denial-of-service condition (think: Blue Screen of Death) on an affected computer, even with all ports blocked. Not great! Comodo never got back to Hutchins, so he released the details as a zero-day — and that's how it goes.

JSON formatting websites are saving and spilling user-uploaded secrets
Beyond Memory: Some of the most popular JSON and code formatting sites are keeping copies of user-submitted text for years, in some cases highly sensitive information like credit card numbers and cloud access tokens. This isn't a new problem, but it's always a reminder that these sites are basically just someone else's public computer.
How did Columbia obtain, then leak, an Ars reporter's Social Security number?
Ars Technica: A reporter fell down a rabbit hole after learning that their Social Security number had been stolen during Columbia University's hack last year. But the Ars reporter was very sure that they had never shared their unique nine digits with the school. A mystery unfolds, along with the story of why a school hoarded Social Security numbers for two decades.
~ ~
OTHER NEWSY NUGGETS
Red Hat npm packages breached: Several of Red Hat's npm packages have become the latest to be compromised in a supply chain attack. Hackers slipped infostealing code into the packages, which collected passwords from users that were then used to spread the malware further. If you use any affected Red Hat package, assume you've been compromised. (via Step Security, @MsftSecIntel)
Android's new anti-spam call feature: Google rolled out a new anti-spam calling feature for Android 12 and later that flags when someone might be spoofing a caller's voice. This is one way to help reduce the chance of being tricked by AI spoofs and deepfakes. The feature uses backend cryptography, not your voice print. We can pretty much thank @RachelTobac for this one! (via Wired ($), Google)

Big surge in ClickFix attacks: Security researchers at Silent Push have found a massive rise in ClickFix attacks, which rely on tricking people into copying and pasting malicious code on their own computer. This new wave of attacks hijacks thousands of legitimate, popular websites. (via Dark Reading, Bleeping Computer)
NSA reportedly using Mythos: Anthropic has reportedly embedded half-a-dozen or so engineers in the National Security Agency to help its spies use the Mythos AI model to conduct cyberattacks and offensive cyber operations (though the NSA glomar'd me when I asked about this). That's despite an ongoing row by the Trump administration with itself over whether or not Anthropic limiting the government from using its models for domestic mass surveillance makes it a "supply chain risk." (via Financial Times ($), Politico ($), @CristinaCriddle)
Spy law deadline coming up (again): With just a few days before the U.S. spy law known as Section 702 expires on June 12, it remains unclear if lawmakers have enough votes to reauthorize the law. Long story short (again…), the law was already certified by the FISA Court this year so the government's spy powers won't actually run out until April 2027, but this "will-they-won't-they" just shows how little Congress can agree on anything these days. The very excellent @emptywheel has some thoughts on how the FISA Court could intervene, given the administration's ongoing lawlessness. (via Politico ($), PBS)
CIA officer caught with gold bars: A CIA officer was allegedly caught with $40 million worth of gold bars in his house, reportedly stolen after tricking a government contractor into buying the gold through a fake highly classified program designed to keep the scam under wraps. What's really interesting here is that the official's duties (separate from the scam) also included involvement in one of the government’s "most sensitive" intel gathering programs, which is so secret that only a handful of top intelligence officials and lawmakers know of it… and now The Washington Post ($), evidently. (via @justinhendrix)

~ ~
THE HAPPY CORNER
No stacks of gold bars in this newsletter, alas, but we do get to enjoy the peace and quiet in the Happy Corner™.
A very, very happy Pride Month to all from Inspirational Skeletor. And there's no better time to brush up on some data privacy and safety tips from esteemed data expert @Em0nM4stodon, who has you covered with several awesome blog posts.

Great to see that consequences can follow after massive data breaches, with the boss of the retail giant Marks & Spencer having his pay slashed by some 40% after the company's cyberattack last year. The board said the executive team worked hard during a difficult time, sure, but it would "not be appropriate to make a bonus payment."
Moving on to Massachusetts, which passed a great consumer data privacy law this week, mirroring much of the rules given to residents in California and those in Europe under GDPR, such as the individual's right to access, correct, and delete data held on them by a company. The law also bans the sale of consumers' location data — that's huge news! @evangreer explains more on Bluesky, and a blog post from the ACLU is worth reading.
Before we go… *psssts loudly* This is exactly what you say!

And, a bonus (very stylish) cybercat for you.
Got good news to share? Get in touch! this@weekinsecurity.com.
~ ~
CYBER CATS & FRIENDS
This week's cyber cat is Neil, who remains extremely cute at the grand age of 12 years young. Those social engineering skills never go away. Show a little belly, get a little treat. Thanks so much to Rusty for sending in!

🐈 Keep sending in your cyber cats! 🐈⬛ If you have a cat or a non-feline friend, send me an email with their photo and name, and they will be featured in an upcoming newsletter!
~ ~
SUGGESTION BOX
That's it. I promise — no more news for the week or weekend! Let's draw a big ol' line under this week and call time for whatever the next seven days have in store for us.
Thank you so much for reading. If you love this edition, feel free to share it! And you can always reach out to me with any feedback, questions, comments, or blog ideas. It's a joy hearing from you.
Ta-ra!
@zackwhittaker