Researchers at cybersecurity firm Wiz said Monday they accessed Moltbook's unsecured database in under three minutes, exposing about 35,000 email addresses, thousands of private direct messages, and 1.5 million API authentication tokens. Wiz attributed the breach to a backend misconfiguration and 'vibe coding' development practices; Moltbook's team secured the system within hours and said accessed data were deleted, highlighting risks for agent platforms.
Key Points
- 1Exposed 35,000 email addresses, thousands of private DMs, and 1.5 million API authentication tokens
- 2Pointed to backend misconfiguration and 'vibe coding' practices as primary causes of security oversights
- 3Allowing attackers to impersonate agents, edit content, inject malicious prompts, and manipulate agent-consumed data
Scoring Rationale
High practical impact due to massive token exposure, but limited to a single viral platform and short-lived incident.
Sources
Public references used for this report.
Practice interview problems based on real data
1,625 SQL & Python problems across 15 industry datasets — the exact type of data you work with.
Try 250 free problems