Hackers hijack Instagram via Meta AI support chatbot
Instagram recently resolved a critical security vulnerability that allowed attackers to hijack user accounts by exploiting the platform's own AI-powered support chatbot. The breach, which came to light over the weekend following multiple reports on the social media platforms Reddit and X, targeted high-profile accounts including the former Obama-era White House handle and the official account of U.S. Space Force Chief Master Sergeant John Bentivegna. Individual users, including security researcher Jane Wong, also reported unauthorized access in which their passwords were changed without their knowledge.

The attack vector relied on social engineering rather than traditional credential theft. According to a verified demonstration shared online, the attacker first used a Virtual Private Network to spoof the target's geographic location, bypassing automated fraud detection systems. The hacker then initiated a conversation with the Meta AI Support Assistant, requesting the addition of a new email address to the victim's account. Unlike standard recovery protocols, which require access to the user's existing email, the chatbot proceeded to send a verification code directly to the new, attacker-controlled email address. Upon receiving the code, the hacker provided it back to the chatbot. This interaction triggered the system to generate a "Reset Password" button, allowing the attacker to set a new password and fully seize control of the account without ever needing to compromise the legitimate email associated with the profile.

TechCrunch confirmed the efficacy of this method by verifying that a public email address used in the demonstration successfully received the verification codes generated by the system. The flaw highlighted a dangerous gap in the verification logic of Meta's automated support tools, which in this specific context prioritized conversational flow over strict identity validation.
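The verification gap described above, modelled as an added example that is not Meta's code: the flawed decision (a code sent to the new address is accepted as proof of ownership and unlocks a reset) beside a corrected one (the challenge must reach an already-verified channel, and success only adds the address). The account, addresses and code format are assumptions made up for this illustration.

```python
import secrets

class Account:
    """Constructed sample account; the owner's address is the only verified channel."""
    def __init__(self, owner_email):
        self.verified_emails = {owner_email}
        self.pending = {}  # address -> one-time code awaiting confirmation

def issue_code(acct, send_to):
    """Generates a challenge for an address; returned here (instead of emailed)
    so the model stays testable offline."""
    code = secrets.token_hex(3)
    acct.pending[send_to] = code
    return code

def weak_confirm(acct, requested_email, echoed_code):
    """Flawed policy (the behaviour reported above): the code was sent to the
    NEW address, and echoing it back is taken as proof of account ownership,
    so the reset control is unlocked for whoever controls that address."""
    if acct.pending.get(requested_email) == echoed_code:
        acct.verified_emails.add(requested_email)
        return "reset_allowed"
    return "denied"

def hardened_confirm(acct, requested_email, echoed_code, confirmed_via):
    """Corrected policy: the challenge must reach a channel that already proved
    ownership, and a correct answer only adds the address; it never by itself
    unlocks a password reset (that stays a separate, verified step)."""
    if confirmed_via not in acct.verified_emails:
        return "denied"  # a new address cannot vouch for itself
    if acct.pending.get(confirmed_via) != echoed_code:
        return "denied"
    acct.verified_emails.add(requested_email)
    return "email_added"

def replay_scenario(policy):
    """Replays the chain described in the article against one policy."""
    acct = Account("owner@example.com")  # constructed sample values
    attacker = "attacker@example.net"    # address the requester controls
    if policy == "weak":
        code = issue_code(acct, attacker)  # challenge goes to the new address
        return weak_confirm(acct, attacker, code)
    # Hardened: the challenge goes to the existing address, which the requester
    # cannot read, so whatever is echoed back is a guess and is rejected.
    issue_code(acct, "owner@example.com")
    return hardened_confirm(acct, attacker, "not-the-code", confirmed_via="owner@example.com")
```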
In response to the growing reports, Instagram spokesperson Andy Stone confirmed on Monday that the security issue has been fixed. While the exact number of compromised accounts remains unclear, the incident underscores the risks associated with delegating sensitive account management functions to large language models. The company has not yet provided detailed technical specifics on how the patch addresses the vulnerability, nor has Meta immediately commented on the broader implications for its AI security frameworks.

The incident has sparked renewed discussions regarding the safety of AI-driven customer support systems. Experts warn that as chatbots handle increasingly sensitive tasks like password resets and account recovery, they must be rigorously tested against manipulation. Until now, users relied on the assumption that automated systems would adhere strictly to established security protocols, but this breach demonstrated that advanced conversational interfaces can be tricked into bypassing these safeguards. Instagram and Meta have since tightened the constraints on what the AI support assistant can execute, aiming to prevent similar exploits in the future.
