This week's Wild West Roundup:
- "Pricey Instagram handles were stolen and resold before Meta patched the exploit."
- Additional analysis: The Newest Instagram "Exploit" is the Goofiest I've Seen.
- This is deeply embarrassing for Meta.
- "SafeBreach Labs has uncovered a new indirect prompt injection technique that enables attackers to manipulate Google Gemini through seemingly benign notifications, exposing how AI assistants can be tricked into performing unauthorized actions without the user's knowledge."
- "The Microsoft AI Red Team's June 4, 2026 update to its 'Taxonomy of Failure Modes in Agentic AI Systems' (v2.0) reports that zero-click attack chains can bypass human-in-the-loop (HitL) approvals end-to-end. Grounded in 12 months of red teaming against deployed agentic systems, Microsoft says HitL bypass was the most consistently exploited failure mode, and that several engagements demonstrated zero-click chains starting from a single external input, with no human interaction beyond the initial agent invocation, that reached high-impact outcomes such as data exfiltration or lateral movement."