programming · 2026-06-03

Instagram exploit, spying through SSDs, code is cheap

Meta's AI support tool was hijacked to take over 20,225 Instagram accounts. A new side-channel attack lets websites fingerprint SSD activity from the browser. htmx's Carson Gross argues AI has made code cheap and understanding expensive.

Three stories that look unrelated and aren't. Meta's AI-powered High Touch Support (HTS) tool got hijacked and was used to take over 20,225 Instagram accounts. A new academic paper showed that a website can fingerprint your SSD activity through browser-based JavaScript — meaning cross-origin tracking just got a side channel it never had. And Carson Gross (htmx creator) published an essay called "Code is Cheap(er)" arguing that AI has inverted the economics of software: writing code is now the cheap part; understanding it is the expensive part.

What You Need to Know: Meta's AI support tool was hijacked and used to take over 20,225 Instagram accounts. A new side-channel attack lets websites detect your SSD's activity through JavaScript. htmx's Carson Gross argues AI has made code cheap and understanding expensive. Three stories about trust, observability, and the new economics of software.

Why It Matters

  • AI-assisted support is a real attack surface. Meta's HTS flaw showed that when you give an AI authority to act on a user's behalf — even to recover an account — attackers will impersonate that authority. Every company running an AI support or recovery tool needs to revisit its threat model this quarter.
  • SSD side-channel attacks move from "air-gapped" to "any browser." The 2017 LED-it-GO research leaked data via hard drive LEDs. The 2026 research leaks data through SSD access patterns, detectable from a website. The threat model for browser security just got wider.
  • "Code is cheap" inverts the developer skill stack. If the marginal cost of writing code drops to near-zero, the differentiator is understanding — architecture, debugging, integration, requirements, and the messy human work of knowing what to build.
  • All three stories share a common thread: trust. Trust the AI tool. Trust the browser. Trust the developer. In each case, the attack surface is the trust model, not the cryptography.

What Actually Happened

Meta's HTS tool was used to hijack 20,225 Instagram accounts

On May 31, 2026, Meta disclosed that a vulnerability in its AI-assisted Instagram account recovery system — internally called "High Touch Support" (HTS) — had been exploited to take over 20,225 Instagram accounts. The exposed data per user included contact information, date of birth, and linked social media handles. The disclosure was covered by BleepingComputer and Cybernews.

The mechanism, per Sid's technical writeup, involved attackers impersonating the HTS tool to convince the AI-assisted recovery flow to grant access. Black-market Telegram groups immediately began offering "Instagram account takeover" services at premium rates with quick turnaround. The flaw is a textbook case of trusting an AI component with production authority — the same problem CrowdStrike's SGNL acquisition is trying to solve at the identity layer.

The broader lesson: every AI tool in a recovery, support, or authentication flow is now a high-value target. The attackers don't need to compromise the user. They compromise the tool that the user trusts.

SSDs can be fingerprinted from a browser through access patterns

On May 27, 2026, Ars Technica reported on new research showing that "websites have a new way to spy on visitors: analyzing their SSD activity." The technique, laid out in an academic paper, exploits a side channel — a leak resulting from physical manifestations of computation — by detecting the timing patterns of an SSD's read/write activity from JavaScript running in the browser.

This is the 2026 evolution of the 2017 LED-it-GO research from Ben-Gurion University, which used hard-drive LEDs to leak data from air-gapped computers. The new research works against SSDs (no LED needed) and works from inside a browser (no local access needed). The exact exfiltration rates are modest, but the principle is proven: a website can now infer what your SSD is doing.

For enterprise security teams, the immediate concern isn't data exfiltration (the bandwidth is too low for useful payloads) — it's cross-origin tracking. A tracker can now correlate user activity across browser tabs, detect when a user opens a local file, or fingerprint a system by its SSD access signature. The browser-isolation market is going to have a field day with this research.

Carson Gross publishes "Code is Cheap(er)"

On June 4, 2026, htmx creator Carson Gross published an essay titled "Code is Cheap(er)," arguing that "as AI makes code cheap to produce, understanding code becomes the expensive and scarce resource." The argument is economic, not technical: the supply curve for code has shifted, and the bottleneck is now upstream — knowing what to build, why, and how it fits into a system.

The essay lands in a market that has been quietly panicking about exactly this. Microsoft's SSRN-published study on generative AI and developer productivity found measurable productivity gains from AI coding tools, but the gains were concentrated in boilerplate-heavy tasks and disappeared on novel architectural work. Gross's essay is the philosophical framing for what the productivity data has been showing for two years: AI doesn't replace senior engineers; it makes their judgment more valuable.

The community response, per the WorkOS workshop writeup on building a "complete AI-driven go-to-market pipeline" with Claude Code and Cowork, has been a flurry of plugins and skill libraries that treat AI coding agents as junior engineers to be orchestrated. The market is moving from "AI writes code" to "AI is on the team."

The Take

These three stories have one thing in common: the failure mode is the trust model, not the cryptography. Meta trusted the HTS tool. Browsers trusted that storage access patterns are observable only by the OS. Development teams trusted that "AI writes code" means "we ship faster." In each case, the right answer is: design for the trust gap, not the encryption.

For security teams, the SSD side-channel is the scariest of the three because it changes a foundational assumption of browser security — that storage activity is not observable to web content. Defense-in-depth just got another layer.

For developers, Gross's "Code is Cheap" framing is the one to internalize. The teams that will thrive in 2027-2028 are the ones who treat AI coding as a multiplier on judgment, not a replacement for it.
