Secure Bulletin Navigating the cyber sea with knowledge
Home > Tag > account takeover
#account takeover

Meta AI Flaw Lets Attackers Hijack Instagram Accounts Without Verification — Premium Handles Worth $1M+ Stolen

1 June 2026  |  dark6  |  AI

A critical flaw in Meta's AI account recovery tool allowed attackers to trick the chatbot into sending password reset codes with no identity verification, enabling theft of premium...

>> read more

Google Chrome’s Device-Bound Session Credentials Go GA — Cryptographically Kills Cookie-Theft Attacks

31 May 2026  |  dark6  |  Vulnerability

Google has moved Device Bound Session Credentials (DBSC) to general availability in Chrome on Windows, cryptographically binding session cookies to the originating device via TPM. Enabled by default...

>> read more