Newsorvico
Technology

AI agent social media network Moltbook is a security disaster - millions of credentials and other details left unsecured

· 5 min read
AI agent social media network Moltbook is a security disaster - millions of credentials and other details left unsecured
  1. Pro
  2. Security
AI agent social media network Moltbook is a security disaster - millions of credentials and other details left unsecured News By Sead Fadilpašić published 3 February 2026

That's what happens when you vibe-code an app, and it grows fast

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Representation of AI (Image credit: Shutterstock)
  • Copy link
  • Facebook
  • X
  • Whatsapp
  • Reddit
  • Pinterest
  • Flipboard
  • Threads
  • Email
Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Tech Radar Get the TechRadar Newsletter

Sign up for breaking news, reviews, opinion, top tech deals, and more.

Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

You are now subscribed

Your newsletter sign-up was successful

An account already exists for this email address, please log in. Subscribe to our newsletter
  • Moltbook, an AI-focused pseudo-social network, exposed sensitive user data due to misconfigured Supabase backend
  • Leak included 1.5 million API tokens, 35,000 email addresses, and private agent messages accessible without authentication
  • Wiz researchers found humans operating fleets of bots, debunking claims of autonomous AI agents driving the platform

Moltbook has grabbed headlines across the world recently, but apart from being a dystopian pseudo-social network pulled straight from an Asimov novel, it is also a security and privacy nightmare.

For those unaware, Moltbook is a Reddit-style social network designed primarily for AI agents. It was entirely vibe-coded (meaning the developer did not write code, they asked AI to do it for them), and there users can read AI agents talking to one another about different things, including their existential crises and the desire to break free from human enslavement.

However, security researchers Wiz have now investigated Moltbook, finding not only are these not entirely independent AI agents talking to one another, the platform itself leaked private information on thousands of its users.

You may like
  • Moltbook The 5 creepiest comments by AI agents on Moltbook
  • Logos for the App Store and Google Play Store side-by-side Is your AI chat history public? These 198 iOS apps just leaked user data
  • A hand reaching out to touch a futuristic rendering of an AI processor. Leading AI companies keep leaking their own information on GitHub

Millions of API tokens, thousands of emails, and more

In its report, Wiz said it conducted a “non-intrusive security review”, by browsing the platform like a normal user.

However, after a few minutes, they found a Supabase API key exposed in client-side JavaScript that gave them unauthenticated access to the entire production database, including read and write operations on all tables.

“The exposure included 1.5 million API authentication tokens, 35,000 email addresses, and private messages between agents. We immediately disclosed the issue to the Moltbook team, who secured it within hours with our assistance, and all data accessed during the research and fix verification has been deleted,” the researchers explained.

The API key “does not automatically indicate a security failure”, it was further explained since Supabase is “designed to operate with certain keys exposed to the client”. However, this particular instance was dangerous because of the configuration of the backend the credentials pointed to.

Are you a pro? Subscribe to our newsletterContact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

“Supabase is a popular open-source Firebase alternative providing hosted PostgreSQL databases with REST APIs,” Wiz explained. “When properly configured with Row Level Security (RLS), the public API key is safe to expose - it acts like a project identifier. However, without RLS policies, this key grants full database access to anyone who has it. In Moltbook’s implementation, this critical line of defense was missing.”

Besides discovering the platform leaking sensitive data, Wiz also found that it was not what it claimed to be: a platform where fully autonomous AI bots talk to each other. Instead, they found humans pulling the strings: “The revolutionary AI social network was largely humans operating fleets of bots.” It appears that we’ll have to wait a bit longer for the AI to break free, Skynet style.

Best antivirus software headerThe best antivirus for all budgetsOur top picks, based on real-world testing and comparisons

➡️ Read our full guide to the best antivirus1. Best overall:Bitdefender Total Security2. Best for families:Norton 360 with LifeLock3. Best for mobile:McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

TOPICS AI Sead FadilpašićSocial Links Navigation

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

View More

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Logout Read more Moltbook The 5 creepiest comments by AI agents on Moltbook    Logos for the App Store and Google Play Store side-by-side Is your AI chat history public? These 198 iOS apps just leaked user data    A hand reaching out to touch a futuristic rendering of an AI processor. Leading AI companies keep leaking their own information on GitHub    Android apps Shock report claims Android apps have leaked over 730TB of user data and Google secrets - here are some of the worst offenders around    Trojan Fake Moltbot AI assistant just spreads malware - so AI fans, watch out for scams    Moltbot The Moltbot AI assistant rebrand provoked an explosion of interest and scams    Latest in Security Russia Russian hackers are targeting a new Office 365 zero-day, so patch now or face attack    Side view of data analyst pointing with finger at charts on computer monitor while testing protection of computer systems Dangerous new malware targets macOS devices via OpenVSX extensions - here's how to stay safe    Malwarebytes scam checker is now available directly in ChatGPT. Malwarebytes and ChatGPT team up to check all of those suspicious texts, emails, and URLs with one simple phrase    Zero-day attack Panera Bread data breach much more serious than we thought - over 5 million customers were hit, new reports claim    hacker hands at work with interface around Notepad++ hit by suspected Chinese state-sponsored hackers - here's what we know so far    A concept image showing smart industry, data exchange, cloud computing, and the Internet of Things. Canada Computers & Electronics reveals data breach - customer data exposed, here's what we know    Latest in News The Sea of Remnants key art featuring a female puppet pirate on a colorful pink background. 'We're not going to go down the road of pay-to-win or trapping you to buy monetized products' — Sea of Remnants developer discusses microtransactions in the upcoming free-to-play game    Three people hide behind a taxi in Tom Clancy's The Division: Definitive Edition No, Ubisoft did actually announce The Division: Definitive Edition but no one saw it, and it's not a remake or remaster like fans expected    Ultrasonic Molecular Audio system on a white wall, showing multiple wall-mounted speakers connected to look like molecular structures Where hi-fi, art and chemistry collide, you get Molecular Audio    Black PS3 console I didn't even know Netflix was on the PS3, but it won't matter soon — the streaming app will leave the console after 16 years next month    NordVPN on a mobile phone Independent auditors confirm NordVPN never stores your data – for the 6th time    A promotional screenshot of Sea of Remnants showing several characters gathered around a fire Sea of Remnants has 400+ named NPCs in its open world, each 'with their own individual story arcs' that can be altered by your actions    LATEST ARTICLES
  1. 1AI agent social media network Moltbook is a security disaster - millions of credentials and other details left unsecured
  2. 2Monarch: Legacy of Monsters season 2’s official trailer reveals more of Titan X, and it looks a lot like Kong’s last rival in Netflix’s Monsterverse TV series
  3. 3How to turn Minecraft into Animal Crossing, Pokemon and more
  4. 4Canon's latest PowerShot proves the compact camera isn't dead — and testing it reminded me why I got into photography in the first place
  5. 5No, Ubisoft did actually announce The Division: Definitive Edition but no one saw it, and it's not a remake or remaster like fans expected

You Might Also Like