AI Worms, Hacks, and Insurance Shifts

In the latest Cybersecurity Today episode, host David Shipley delves into:

Meta has revealed that 20,225 Instagram accounts were hijacked after attackers tricked an AI-powered support tool into sending password reset links to fake, attacker-controlled emails.

AI Worm ‘Hades’ Targets Dev Tools and Security Systems Step Security has reported a new wave of attacks involving an AI worm called ‘Hades,’ derived from the infamous Miasma malware.

AI Worm Research from the University of Toronto Researchers from the University of Toronto and the Vector Institute demonstrated the risks of AI worms in a simulated environment. Using a free, locally hosted AI model, they showed how vulnerabilities and misconfigurations could enable an AI worm to spread rapidly across a network, underscoring the need for tighter AI system security.

Google Issues Emergency Chrome Patch for Zero-Day Exploit Google has released an urgent patch for CVE-2026-11645, a zero-day vulnerability in the V8 JavaScript engine actively being exploited in the wild. Meanwhile, insurers are keeping a closer eye on claims related to AI incidents and are increasingly excluding AI-related liabilities in coverage.