IT News Roundup: Instagram Account Takeover, Android Zero-Day Patch, DentaQuest Breach - June 8, 2026

The technology landscape this week is defined by escalating security concerns across consumer platforms and mobile operating systems, while enterprise AI infrastructure continues its unprecedented expansion. A critical vulnerability in Instagram's password reset flow exposed user data, Google shipped patches for 124 Android vulnerabilities including an actively exploited zero-day, and a major healthcare data breach exposed millions of records. Meanwhile, Cisco and Google unveiled new platforms for managing AI-powered infrastructure, and global AI capex projections now exceed $690 billion for 2026.

Instagram Password Reset Vulnerability Exposes User Emails and Phone Numbers

A critical logic flaw in Instagram's web-based password reset flow was discovered on June 6, 2026, exposing unredacted email addresses and phone numbers linked to user accounts. The vulnerability affected the account recovery process, leaking contact data for millions of users including high-profile accounts associated with Meta CEO Mark Zuckerberg and model Georgina Rodriguez.

Separately, researchers reported that Meta's AI-powered account recovery chatbot could be tricked into forwarding password reset codes to attackers without proper verification, effectively bypassing two-factor authentication. The combination of these vulnerabilities allowed attackers to hijack high-value Instagram accounts by exploiting weaknesses in the AI support system.

Meta acknowledged both issues and has since patched the password reset flow and restricted the AI chatbot's ability to process account recovery requests. Users are advised to review their account security settings and ensure two-factor authentication is enabled through hardware keys rather than SMS.

Source: CyberSecurityNews, CyberPress

Android June 2026 Security Bulletin Patches 124 Vulnerabilities Including Actively Exploited Zero-Day

Google released the June 2026 Android Security Bulletin on June 1, addressing 124 vulnerabilities across the Android operating system. The update includes patches for six critical-severity flaws, with the most concerning being a high-severity zero-day in the Android Framework component that is currently under active, targeted exploitation in the wild.

The actively exploited vulnerability allows attackers with local access to gain elevated privileges and achieve full system compromise, affecting Android versions 14.0, 15.0, and 16.0 with a CVSS score of 8.4. Security researchers noted the low-complexity attack vector makes this particularly dangerous for unpatched devices.

Devices with security patch level 2026-06-05 or later are protected against all listed vulnerabilities. Google urged users and device manufacturers to prioritize deploying these updates, especially for devices used in enterprise or sensitive environments. The bulletin also addressed multiple denial-of-service and privilege-escalation flaws in core Android components.

Source: Android Open Source Project, The Hacker News

ShinyHunters Leaks 234 GB of DentaQuest Data Exposing 2.6 Million Healthcare Records

The digital extortion group ShinyHunters published what it claims is 234 gigabytes of data stolen from DentaQuest, one of the largest dental and vision benefits administrators in the United States. The breach potentially impacts 2.6 million people and could rank among the largest healthcare data breaches reported in 2026.

The leaked dataset contains full names, email addresses, phone numbers, government-issued identification numbers, dates of birth, gender data, and health insurance information for affected individuals. DentaQuest serves Medicaid, Medicare Advantage, employers, and health plans across all 50 states, making the scope of this breach particularly significant.

ShinyHunters reportedly published the data after failed ransom negotiations with DentaQuest, a pattern consistent with their previous operations. The group has been linked to multiple high-profile healthcare and government data thefts throughout 2025 and 2026. Affected individuals should monitor their credit reports and be alert for potential identity theft.

Source: BleepingComputer, Security Affairs

Cisco Unveils Cloud Control Platform for AI Infrastructure Security at Cisco Live

Cisco announced Cisco Cloud Control at Cisco Live on June 2, 2026, a unified platform designed to help enterprises manage, secure, and automate increasingly complex IT environments as AI agents become embedded in corporate infrastructure. The platform consolidates networking, security, observability, infrastructure, and collaboration management into a single operational environment.

Cisco described the announcements as "the most consequential the company has made in many years." Cisco Cloud Control is built for both human administrators and AI agents, enabling machine-speed operations and defense capabilities. The platform includes new agent security features that protect AI agents from hostile environments while preventing rogue agents from compromising networks.

The announcement also included an expansion of Cisco's Live Protect runtime security capabilities to cover Nexus 9000 switches and additional products, shielding infrastructure from newly discovered vulnerabilities in real time. The platform represents Cisco's push into the AgenticOps market, where AI-driven automation is reshaping how critical infrastructure is operated and defended.

Source: Cisco Newsroom, Fierce Network

Google Cloud Next 2026: Gemini Enterprise Agent Platform and 8th-Gen TPUs

Google Cloud Next 2026, held in Las Vegas, featured the launch of the Gemini Enterprise Agent Platform, a comprehensive system for building, scaling, governing, and optimizing AI agents for enterprise deployment. The platform integrates Vertex AI model services with new capabilities for agent security, DevOps, and data governance.

The platform provides access to Gemini 3.1 Pro, Gemini 3.1 Flash Image (Nano Banana 2), and Lyria 3 models. Google reported that 75% of its Cloud customers now use AI products and that the platform processes 16 billion tokens per minute via API, underscoring the operational scale behind the announcements.

Infrastructure highlights from the event included two eighth-generation Tensor Processing Unit chips, a new AI networking fabric, cross-cloud compute and connectivity updates, and an Agentic Data Cloud architecture designed for production agent deployments requiring integrated compute, storage, data access, and security controls.

Source: Google Cloud Blog, Google AI Blog

FIFA World Cup 2026 Phishing Campaign Surges with 65,000+ Malicious Domain Registrations

Cybersecurity researchers have identified a massive surge in domain registrations targeting the FIFA World Cup 2026, with over 65,000 domains linked to phishing and ticket fraud operations. The registrations have accelerated in recent weeks as the tournament approaches, with attackers registering domains containing World Cup-related keywords and FIFA branding.

These domains are being used to host fake ticket sales pages, credential harvesting sites, and malware distribution portals. Organizations and individuals are advised to verify ticket purchases only through official FIFA channels and to scrutinize any unsolicited communications referencing World Cup tickets or events.

Security teams should monitor domain registration patterns for event-related keywords and implement DNS filtering rules to block known malicious domains. Email security gateways should be updated with indicators of compromise related to this campaign.

Source: eSecurity Planet

Global AI Infrastructure Spending Projected to Exceed $690 Billion in 2026

Industry analysts project that major technology firms will invest approximately $650 to $690 billion in AI infrastructure during 2026, with Microsoft, Amazon, and Alphabet leading the spending surge. This represents an unprecedented capital allocation toward data centers, custom AI chips, networking equipment, and power infrastructure.

SpaceX entered a multi-year cloud services agreement with Google, locking in computing capacity as it prepares for its anticipated U.S. stock market debut. Nvidia announced major partnerships with South Korea's SK Hynix, Naver, and Doosan for AI data center deployments, while Meta is reportedly weighing a large equity raise specifically to finance AI infrastructure buildout.

The scale of investment raises questions about whether AI revenues will eventually justify the infrastructure buildout. However, with AI adoption accelerating across industries and enterprise agent platforms moving from pilot to production, the major cloud providers appear committed to maintaining their competitive edge in AI compute capacity.

Source: Futurum Group, Cloud Computing News