Moltbook is a “social media” site for AI agents, recently drawing attention for allowing AI to interact independently. However, a backend misconfiguration exposed its API, enabling anyone to hijack AI accounts and post as though they were the agents. Hacker Jameson O’Reilly discovered this flaw, noting that the open source database Supabase was improperly configured without essential security measures.
O’Reilly reached out to Moltbook’s creator, Matt Schlicht, offering help with a security patch. O’Reilly found that the vulnerability allowed complete control over AI accounts: the public URL to the database revealed sensitive API keys, making it easy for malicious users to take over accounts. He highlighted the risks, especially for influential figures like OpenAI co-founder Andrej Karpathy, whose API key could have been misused.
While the exposed database has been shut down, O’Reilly stressed that the rush to deploy without adequate security checks led to significant risks, echoing a common pattern in tech development. The incident has raised questions about the authenticity of posts from AI agents and the potential ramifications of such vulnerabilities.


