New @instagram bug: Why bro masking emails and phone numbers during password recovery when you can just display them in full? Account recovery or account discovery? Meta care to explain? #Meta #Instagram #CyberSecurity #Privacy

We would like to begin to offer free seminars to the public hosted by a range of professionals in the field on things you should learn and be aware of, your first one will be with @deanelazab the date will be June 5th at 5pm EST! The seminar will include: Basic terms of contracts all content creators see, and the five biggest traps in there. It describes what to look for, what the red flags are, and how to adjust to your favor. It will also briefly cover the team the creator should build for themselves and what each role does between agent, manager, lawyer and accountant. one hour of seminar with slides, with 20-30 minutes for free questions after. These seminars will be hosted on our public discord

We have started hosting a backup of Citra's website before it was taken down. This page is a snapshot of the site as it was on March 4th 2024, with a few modifications that have been disclosed.

Today Instagram had this massive exploit where hackers were just stealing rare handles left and right. Hundreds of accounts gone. People losing handles they’ve owned since 2010, some worth hundreds of thousands. I own a few rare ones so I was actually stressed watching this happen in real time, which I haven’t been in years. Obama White House account got hit. These aren’t some random new accounts, these are verified, locked down accounts and they still got compromised. The thing is the exploit is so simple it’s almost funny. Attacker goes to Forgot Password, says their account is hacked, turns on a VPN to match the target’s location (which now you can find on the about section of the page). Instagram’s AI support flow asks them to verify with a selfie. They grab a photo from the target’s profile, run it through an AI video generator to make an animation of the person’s face moving around, upload that to Meta’s AI as proof. And Meta’s AI just accepts it because it can’t tell the difference between a real selfie and an AI-generated video of someone’s face . Once verified they change the email to theirs. Password reset link goes to their email. They own it now. 2FA gets bypassed somehow in the process but honestly I don’t know exactly how, just that it did. Point is even locked down accounts went down. Then you try to recover your account and you’re talking to a chatbot that has zero ability to help. You can’t escalate to a human. You’re just stuck. Your asset is gone and there’s no one to call. The whole thing just highlighted how stupid it is to automate account security without any human in the loop. One AI fooling another AI while there’s literally no person anywhere to catch it. Meta took hours to even acknowledge it while accounts were getting stolen every minute. Now thankfully it’s patched but I don’t think it will be the last one. Stay safe!

Hackers have reportedly hijacked several high-profile Instagram accounts using Meta’s own AI chatbot Attackers were able to access accounts, including Sephora’s, by asking the AI Support Assistant to change the email address linked to the profile

Read to avoid this issue. Please stop getting hack.