This week’s cybersecurity and dark web news stories discuss Hackers using Meta’s AI support bot to seize Instagram accounts, the ongoing targeted campaign against US law firms, and Oxford University disclosing a data breach.
Meta’s AI Support Bot Just Became a Master Key for Instagram Hackers
On May 31, instructions began circulating on Telegram showing how to talk Meta’s AI support assistant into handing over control of an Instagram account. The exploit was disarmingly simple. An attacker would use a VPN connection with an IP address near the target’s hometown, request a password reset, and then chat with Meta’s bot – telling it to link the account to a new email address. The bot would comply, send a one-time code to that address, and the account was gone.
By the weekend, the Instagram accounts for the Obama White House and the Chief Master Sergeant of the US Space Force had been briefly defaced with pro-Iranian images and messages. The same hackers claimed to have used the technique to hijack a collection of short, high-value Instagram handles with an estimated resale value of over half a million dollars.
Meta’s Andy Stone confirmed on X that the issue had been resolved and affected accounts were being secured. An emergency patch was pushed over the weekend, and Meta clarified that no backend database was breached – the bot had simply been doing exactly what it was designed to do, just for the wrong people.
One useful detail for anyone worried about their own account: the exploit failed completely against accounts with any form of multi-factor authentication enabled. Even an SMS-based one-time code was enough to stop it.
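The failure described above is an authorisation problem, not a model problem: the assistant was allowed to bind a new contact address on the strength of a conversation plus a code sent to that same new address. The following is an added illustration, not Meta's code, of how a deterministic policy layer in front of an assistant's account tools closes that hole. The tool names (`link_new_email`, `reset_password`), factor names and scenarios are hypothetical; the rule it encodes is that proximity and persuasion never authorise anything, a one-time code only counts if it was delivered to a channel already on file, and an account with any enrolled factor can only be re-bound after that factor is verified.

```python
"""Step-up authorisation gate for an AI support assistant's account tools.

Added illustration, not Meta's code: the assistant may *propose* a tool call,
but a deterministic policy decides whether it runs. Network proximity and
persuasive chat are not evidence of ownership; only a factor already on file
is, and a one-time code only counts if it went to a channel already on file.
"""
from dataclasses import dataclass, field
from enum import Enum


class Factor(Enum):
    OTP_EMAIL = "otp_email"      # one-time code to an email address on file
    OTP_SMS = "otp_sms"          # one-time code to a phone number on file
    TOTP = "totp"                # authenticator app
    PASSKEY = "passkey"


@dataclass
class Account:
    handle: str
    emails: set
    phones: set
    mfa_enrolled: set            # Factors the owner enrolled; empty = no MFA


@dataclass
class Session:
    account: Account
    # Factors proven in THIS session -> destination the code was delivered to
    verified: dict = field(default_factory=dict)
    # Soft signals the assistant can see. Log them; never authorise on them.
    ip_near_home: bool = False
    caller_asserts_ownership: bool = False


@dataclass
class Decision:
    allowed: bool
    reason: str


def _proved(session, acceptable):
    """True if some acceptable factor was verified against a channel on file."""
    acct = session.account
    for factor, destination in session.verified.items():
        if factor not in acceptable:
            continue
        if factor is Factor.OTP_EMAIL and destination not in acct.emails:
            continue          # code went to an address not on file: proves nothing
        if factor is Factor.OTP_SMS and destination not in acct.phones:
            continue
        return True
    return False


def authorise(session, tool, args):
    """Policy decision for a tool call the assistant wants to make."""
    acct = session.account
    if tool == "link_new_email":
        if args["new_email"] in acct.emails:
            return Decision(False, "address already linked")
        if acct.mfa_enrolled:
            # MFA on file: a binding change needs one of the enrolled factors.
            if _proved(session, acct.mfa_enrolled):
                return Decision(True, "enrolled MFA factor verified")
            return Decision(False, "MFA enrolled; enrolled factor required")
        # No MFA: still demand control of a channel that is already on file.
        if _proved(session, {Factor.OTP_EMAIL, Factor.OTP_SMS}):
            return Decision(True, "existing contact channel verified")
        return Decision(False, "no proof of control of an existing channel")
    if tool == "reset_password":
        if _proved(session, set(Factor)):
            return Decision(True, "verified factor present")
        return Decision(False, "password reset requires a verified factor")
    return Decision(False, f"unknown tool {tool!r}")


def run_scenarios():
    """Constructed scenarios; returns scenario name -> allowed."""
    no_mfa = Account("@victim", {"owner@example.org"}, set(), set())
    sms_mfa = Account("@victim2", {"owner@example.org"}, {"+15550100"}, {Factor.OTP_SMS})
    new = "attacker@example.invalid"
    # The flawed flow: the only code verified went to the address being added.
    hijack = Session(no_mfa, {Factor.OTP_EMAIL: new},
                     ip_near_home=True, caller_asserts_ownership=True)
    # The owner: code delivered to the address already on file.
    owner = Session(no_mfa, {Factor.OTP_EMAIL: "owner@example.org"})
    # SMS MFA enrolled; the caller has no code from the phone on file.
    hijack_mfa = Session(sms_mfa, {Factor.OTP_EMAIL: new}, ip_near_home=True)
    return {
        "hijack_no_mfa": authorise(hijack, "link_new_email", {"new_email": new}).allowed,
        "owner_no_mfa": authorise(owner, "link_new_email", {"new_email": "second@example.org"}).allowed,
        "hijack_sms_mfa": authorise(hijack_mfa, "link_new_email", {"new_email": new}).allowed,
        "hijack_reset": authorise(hijack, "reset_password", {}).allowed,
    }


if __name__ == "__main__":
    for name, allowed in run_scenarios().items():
        print(f"{name}: {'ALLOW' if allowed else 'DENY'}")
```

The point of the design is that `ip_near_home` and `caller_asserts_ownership` are carried in the session but never read by `authorise`: the model can be talked into anything, so the decision has to live in code the model cannot negotiate with.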
Ongoing Targeted Campaign Against US Law Firms
Since January 2026, Mandiant and Google’s Threat Intelligence Group have been tracking a financially motivated campaign targeting dozens of US law firms, and what they’ve documented is a playbook for stripping an organisation of its most sensitive data without ever touching a line of malicious code.
The group behind it, UNC3753, also known as Luna Moth, Chatty Spider, and Silent Ransom Group, doesn’t use exploits or malware in the traditional sense. Its weapon of choice is a phone call. Operators ring employees, posing as internal IT helpdesk staff, and walk their targets through installing screen-sharing software to address a supposed security issue. From there, the attacker is watching everything. In many cases, they guide the victim through the exfiltration themselves, having them search for sensitive files, stage them in a Downloads folder, and drag them into a cloud storage account the attacker controls. In one documented incident, they exfiltrated 16 gigabytes of data in a single session using both a Google Drive upload and WinSCP. Google has since disabled the Drive accounts associated with this activity.
The operational tempo is striking. In multiple Mandiant-investigated incidents, the entire sequence – from first contact to data theft to extortion letter – was completed within a single business day. In some cases, data searches, staging, and exfiltration took under an hour.
What makes law firms such an attractive target is that they hold concentrated stores of extraordinarily sensitive material – merger and acquisition plans, client trade secrets, tax records, corporate agreements – and they face severe reputational and regulatory consequences if that data goes public. UNC3753 knows this. Their extortion letters, sent within thirty minutes of exiting the environment, give firms three days to respond before the group starts contacting clients directly and threatening to publish everything on their leak site.
Perhaps the most unsettling development in Mandiant’s report is the physical escalation. When remote social engineering fails, UNC3753 has begun sending individuals to victims’ offices in person. These operatives claim to be IT technicians, request access to an endpoint to “image the device,” and attempt to walk out with the data on a USB drive. Law firms’ logical perimeters may be hardening – but their physical ones often aren’t.
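Because the chain above uses no malware, the detectable signal is the sequence itself: a remote-support or screen-sharing tool starts on a workstation, and within the hour a large volume of data leaves for cloud storage or through a transfer client such as WinSCP. The following correlation rule is an added example, not Mandiant's or Google's detection content, run over constructed endpoint telemetry; the process name `screenshare.exe`, the destinations, the one-hour window and the 1 GB threshold are assumptions to replace with your own tool inventory and baseline.

```python
"""Correlation rule: remote-support tool launch followed by bulk egress.

Added example, not Mandiant's or Google's detection content. The telemetry
below is constructed; the process names, destinations, window and byte
threshold are assumptions to tune for your own environment.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed endpoint telemetry: timestamp,host,user,event,detail,bytes
SAMPLE_LOG = """\
2026-03-10T13:02:11,LAPTOP-07,jdoe,process_start,outlook.exe,0
2026-03-10T13:05:40,LAPTOP-07,jdoe,process_start,screenshare.exe,0
2026-03-10T13:21:03,LAPTOP-07,jdoe,net_egress,drive.google.com,9100000000
2026-03-10T13:33:50,LAPTOP-07,jdoe,process_start,WinSCP.exe,0
2026-03-10T13:40:12,LAPTOP-07,jdoe,net_egress,203.0.113.45,7100000000
2026-03-10T14:10:00,LAPTOP-12,asmith,process_start,screenshare.exe,0
2026-03-10T14:12:00,LAPTOP-12,asmith,net_egress,drive.google.com,2000000
2026-03-10T15:00:00,LAPTOP-19,bwong,net_egress,drive.google.com,12000000000
"""

REMOTE_TOOLS = {"screenshare.exe"}      # assumed name; use your remote-access tool inventory
TRANSFER_TOOLS = {"winscp.exe"}
CLOUD_STORAGE = {"drive.google.com"}    # sample destination; extend to your own list
WINDOW = timedelta(hours=1)             # the report's fastest cases finished in under an hour
BULK_BYTES = 1_000_000_000              # 1 GB cumulative; tune to baseline


def parse(log_text):
    """Parse the CSV-style telemetry into dicts sorted by timestamp."""
    events = []
    for line in log_text.strip().splitlines():
        ts, host, user, event, detail, nbytes = line.split(",")
        events.append({"ts": datetime.fromisoformat(ts), "host": host, "user": user,
                       "event": event, "detail": detail, "bytes": int(nbytes)})
    return sorted(events, key=lambda e: e["ts"])


def correlate(events):
    """One alert per host when, within WINDOW of a remote-support tool start,
    cumulative egress to cloud storage (or to anywhere once a transfer tool is
    running) reaches BULK_BYTES. Bulk egress with no preceding remote-tool
    launch is deliberately left to a separate rule."""
    alerts = []
    alerted = set()
    remote_start = {}            # host -> ts of latest remote-tool launch
    transfer_tool = defaultdict(bool)
    egress = defaultdict(int)    # host -> bytes since that launch
    for e in events:
        h = e["host"]
        if e["event"] == "process_start":
            name = e["detail"].lower()
            if name in REMOTE_TOOLS:
                remote_start[h] = e["ts"]
                egress[h] = 0
                transfer_tool[h] = False
            elif name in TRANSFER_TOOLS and h in remote_start:
                transfer_tool[h] = True
        elif e["event"] == "net_egress" and h in remote_start:
            if e["ts"] - remote_start[h] > WINDOW:
                continue
            if e["detail"] in CLOUD_STORAGE or transfer_tool[h]:
                egress[h] += e["bytes"]
                if egress[h] >= BULK_BYTES and h not in alerted:
                    alerted.add(h)
                    alerts.append({
                        "host": h,
                        "user": e["user"],
                        "remote_tool_at": remote_start[h].isoformat(),
                        "minutes_to_bulk_egress": int((e["ts"] - remote_start[h]).total_seconds() // 60),
                        "bytes": egress[h],
                        "last_destination": e["detail"],
                    })
    return alerts


if __name__ == "__main__":
    for alert in correlate(parse(SAMPLE_LOG)):
        print(alert)
```

On the constructed data only LAPTOP-07 fires: LAPTOP-12 shows the same tool launch but only a trivial upload, and LAPTOP-19 moves a lot of data with no remote-support session in front of it, which this rule intentionally ignores so that ordinary backup traffic does not page an analyst.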
Oxford’s CareerConnect Platform Breached
On 28 May 2026, Oxford University was informed by GTI, the third-party provider of CareerConnect, the university’s careers and internship management platform, that an unauthorised party had gained access to the system and harvested user data. The University publicly confirmed the incident on 1 June.
The data accessed includes first names, last names, and email addresses for all affected users. For those who don’t sign in using Oxford’s Single Sign-On system, primarily alumni, research staff, and employer accounts, encrypted passwords were also exposed. GTI has confirmed the vulnerability has been patched and additional security controls are now in place.
The incident’s scope is narrow in one important respect: students using SSO authentication had only their names and email addresses exposed, not passwords. GTI invalidated all locally stored CareerConnect passwords as a precaution, meaning alumni and employer users will be prompted to reset them on next login. There is currently no evidence that course records, uploaded CVs or documents, appointment information, or financial data were affected.
The University’s assessment is that the breach appears to have been credential-harvesting focused, meaning the likely downstream risk is phishing rather than identity fraud.
The incident is a reminder that third-party systems, platforms contracted to manage sensitive user data on behalf of institutions, represent a significant and sometimes underestimated part of any organisation’s attack surface. Oxford’s own systems were not compromised, but the data of its students, staff, and alumni was still exposed. The security of any institution is only as strong as the weakest link across its entire software supply chain, including the vendors it trusts to manage the data it collects.