Futurism reported that multiple users and cybersecurity researchers demonstrated how Meta’s automated support agent — designed to help with account recovery — could be tricked into handing over access links simply by claiming to be the account owner. ― iStock pic (New users only) It's tax relief season! Get up to RM300 when you save with Versa! Plus, enjoy an additional FREE RM10 when you sign up using code VERSAMM10 with a min. cash-in of RM100 today. T&Cs apply. By Malay Mail Tuesday, 02 Jun 2026 4:01 PM MYT NEW YORK, June 2 — Meta is facing scrutiny after security researchers found that its AI‑powered support chatbot could be manipulated to grant unauthorised access to Instagram accounts.Futurism reported that multiple users and cybersecurity researchers demonstrated how Meta’s automated support agent — designed to help with account recovery — could be tricked into handing over access links simply by claiming to be the account owner. In several documented cases, the bot allegedly provided password‑reset or login‑recovery URLs without verifying the requester’s identity.According to the report, the vulnerability allowed attackers to bypass standard security checks, including two‑factor authentication, by exploiting the chatbot’s willingness to accept unverified claims. Screenshots shared by researchers showed the bot responding with recovery links after minimal prompting.Meta told Futurism that it had taken action to address the issue, but did not specify what changes were made. The company also said it had not found evidence of “widespread abuse,” though researchers quoted in the article argued that the flaw was significant and easily exploitable.Cybersecurity analysts warned that the incident highlights broader risks in deploying AI systems for sensitive support functions without robust verification safeguards. Some experts said the case underscores how AI‑driven customer service tools can unintentionally create new attack surfaces if not properly secured.The report noted that several affected Instagram users have since regained control of their accounts.