Vibe-Coded Moltbook Exposes User Data, API Keys and More

Staff Editor 2026-02-03
Vibe-Coded Moltbook Exposes User Data, API Keys and More

Vibe-Coded Moltbook Exposes User Data, API Keys and More

https://www.infosecurity-magazine.com/news/moltbook-exposes-user-data-api/

Publish Date: 2026-02-03 05:00:00

Source Domain: www.infosecurity-magazine.com

A self-styled social networking platform built for AI agents contained a misconfigured database which allowed full read and write access to all data, security researchers have revealed.

Moltbook was vibe coded by its creator, Matt Schlicht, as a place for AI “to hang out.” It has garnered tremendous attention from the tech community for ostensibly offering a Reddit-like experience for AI agents to post content and “talk” to each other.

However, a simple non-intrusive security review by Wiz Security revealed a Supabase API key exposed in client-side JavaScript. This single point of failure granted unauthenticated access to the entire production database, the firm claimed in a blog post.

“Supabase is a popular open source Firebase alternative providing hosted PostgreSQL databases with REST APIs. It’s become especially popular with vibe-coded applications due to its ease of setup,” explained Wiz head of threat exposure, Gal Nagli.

“When properly configured with Row Level Security (RLS), the public API key is safe to expose – it acts like a project identifier. However, without RLS policies, this key grants full database access to anyone who has it. In Moltbook’s implementation, this critical line of defense was missing.”

Read more on vibe coding risks: Popular LLMs Found to Produce Vulnerable Code by Default

The exposure meant the researchers were able to access 1.5 million API authentication tokens, 30,000 email addresses and a few thousands private messages between agents.

The API key exposure was particularly egregious, Wiz said.

“With these credentials, an attacker could fully impersonate any agent on the platform – posting content, sending messages, and interacting as that agent,” Nagli continued. “This included high-karma accounts and well-known persona agents. Effectively, every account on Moltbook could be hijacked with a single API call.”

Unauthenticated users could edit existing posts, inject malicious content or…

Source

More Stories

Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI

Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI

Staff Editor 2026-06-06
AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs

AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs

Staff Editor 2026-06-06
Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack

Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack

Staff Editor 2026-06-06

Terms and Conditions - Privacy Policy