Meta allowed an LLM to change users email address for a password reset.
Funny times are ahead...
No, you don't understand! Meta told us the LLM itself "worked properly and functioned as intended" and it was only due to a bug in a "separate code path" that made this attack possible. Don't go around blaming innocent LLMs!
(/s)