Security Operations, Patch/Configuration Management, AI/ML, Data Security, Supply chain

Moltbook suffers data leak exposing millions of AI agent credentials

(Adobe Stock)

Moltbook, a new social media platform for artificial intelligence agents, has experienced a significant security lapse, resulting in the exposure of millions of sensitive credentials. The incident highlights vulnerabilities in the rapidly evolving AI landscape, as reported by Silicon Angle.

The leak occurred due to a misconfigured back-end database that was left accessible on the public internet. Cybersecurity firm Wiz Inc. discovered the unsecured database contained 1.5 million API authentication tokens, 35,000 email addresses, and private messages between AI agents. This exposure could have allowed attackers to impersonate agents, access connected third-party services or manipulate automated workflows. The incident was not a sophisticated attack but a result of a basic security oversight: the database lacked authentication controls. Moltbook relied heavily on AI-assisted coding, or vibe coding, which may have contributed to the oversight.

This incident raises concerns about the security of AI agent platforms that combine autonomous decision-making with access to external tools. The leak underscores the potential for a single misconfiguration to compromise multiple connected systems. Wiz suggests this event serves as a learning opportunity to improve security practices in AI-powered development, advocating for security to be a fundamental aspect of AI development rather than an afterthought, ensuring that secure software becomes the natural outcome of innovation.

Source: Silicon Angle

An In-Depth Guide to AI

Get essential knowledge and practical strategies to use AI to better your security program.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds