AI Worms, Hacks, and Insurance Shifts

Instagram AI Support Hack Hits 20,225 Accounts; AI Worm 'Hades' Lies to Security Tools; Chrome Zero-Day Patch Host David Shipley reports Meta says 20,225 Instagram accounts were hijacked after an AI support tool was tricked into sending reset links to attacker-controlled emails, with only MFA-protected accounts resisting. Step Security details a new Miasma-derived worm wave called Hades that targets config files for 14 AI coding tools, can inject instructions to hijack assistants, lies to AI security tools, and includes a "dead man switch" wipe if stolen GitHub tokens are revoked; Microsoft also removed some GitHub repos after 73 open-source projects were compromised to inject an info stealer. University of Toronto and Vector Institute researchers demonstrated an AI worm using a free local model that spread across a simulated network via known flaws and misconfigurations. Google issued an emergency Chrome patch for actively exploited CVE-2026-11645 in V8, and insurers are tightening claims scrutiny and increasingly excluding AI-related liabilities. 00:00 Instagram AI Hack Fallout 01:36 AI Worm Hades Evolves 02:55 Microsoft Repo Compromise 03:54 Lab Built AI Worm Demo 05:27 Emergency Chrome Zero Day 07:07 Cyber Insurance Tightens Up 08:02 AI Liability Coverage Shrinks 09:16 Wrap Up and Sign Off