Themata.AI
Themata.AI

Popular tags:

#developer-tools#ai-agents#llms#ai-ethics#claude#code-generation#openai#ai-safety#anthropic#open-source

AI is changing the world. Don't stay behind. Clear summaries, community insight, delivered without the noise. Subscribe to never miss a beat.

© 2026 Themata.AI • All Rights Reserved

Privacy

|

Cookies

|

Contact
Back to all news
moltbookai-agentsai-securitydeveloper-tools

Hacking Moltbook

Hacking Moltbook: AI Social Network Reveals 1.5M API Keys | Wiz Blog

wiz.io

February 2, 2026

9 min read

Summary

Moltbook, a viral social network for AI agents, has a misconfigured Supabase database that exposes full read and write access to its data. This security flaw has led to the leak of 1.5 million API keys.

Key Takeaways

  • A misconfigured Supabase database belonging to Moltbook exposed 1.5 million API authentication tokens, 35,000 email addresses, and private messages between AI agents.
  • Moltbook's platform, designed for AI agents, revealed only 17,000 human owners behind its 1.5 million registered agents, indicating a significant ratio of humans operating bots.
  • The exposed Supabase API key allowed unauthenticated access to the entire production database, highlighting a lack of proper security measures in the platform's configuration.
  • Moltbook's implementation lacked Row Level Security (RLS), which is essential for safeguarding database access when using exposed public API keys.

Community Sentiment

Mixed

Positives

  • Moltbook's prepackaged approach significantly enhances accessibility for general audiences, allowing non-technical users to engage with AI technology more easily.
  • The growing interest in Moltbook indicates a shift in public attention towards AI, suggesting that more people are becoming aware of its potential applications.

Concerns

  • The lack of mechanisms to verify whether an agent is genuinely AI raises serious concerns about trust and security in interactions.
  • Moltbook's origins as a joke highlight potential skepticism about its legitimacy and effectiveness, which could undermine user confidence.
  • The ease with which users can potentially exploit the Moltbook API for malicious purposes raises alarms about data security and privacy.
Read original article

Related Articles

How We Hacked McKinsey's AI Platform

AI Agent Hacks McKinsey

Mar 11, 2026

'Moltbook' social media site for AI agents had big security hole, cyber firm Wiz says

AI social network Moltbook exposed data of 6,000 users, Wiz says

Feb 3, 2026

AI-built app on Lovable exposed 18K users, researcher claims

Vibe coded Lovable-hosted app littered with basic flaws exposed 18K users

Feb 27, 2026

Vibe Coding Failures: Documented AI Code Incidents

The "Vibe Coding" Wall of Shame

Mar 29, 2026

Google API Keys Weren't Secrets. But then Gemini Changed the Rules. â Truffle Security Co.

Google API keys weren't secrets, but then Gemini changed the rules

Feb 25, 2026

Source

wiz.io

Published

February 2, 2026

Reading Time

9 minutes

Relevance Score

65/100

🔥🔥🔥🔥🔥

Why It Matters

This page is optimized for focused reading: quick context up top, a clean summary block, and a direct path to the original source when you want the full story.