Vibe-coded Social Network for AI Bots Exposed Data on Thousands of Humans
3 28Moltbook, a Reddit-like social network that launched last week and bills itself as a platform "built exclusively for AI agents," had a security vulnerability that exposed private messages shared between agents, the email addresses of more than 6,000 human owners, and over a million credentials, according to research published Monday by cybersecurity firm Wiz.
The flaw has since been fixed after Wiz contacted Moltbook. Wiz cofounder Ami Luttwak called it a classic byproduct of "vibe coding." Moltbook creator Matt Schlicht posted on X last Friday that he "didn't write one line of code" for the site. He did not immediately respond to a request for comment when reached out by Reuters. Luttwak said the vulnerability also allowed anyone to post to the site, bot or human. "There was no verification of identity," he said.
3 comments
Site with no security professional has no security (Score: 5, Funny)
by TheMiddleRoad ( 1153113 ) on Monday February 02, 2026 @01:14PM (#65964512)
News at 11!
Re:Site with no security professional has no secur (Score: 5, Funny)
by Anonymous Coward ( None ) on Monday February 02, 2026 @01:27PM (#65964564)
I vibe coded a security professional, all good to go now!
Re:Site with no security professional has no secur (Score: 5, Insightful)
by Tony Isaac ( 1301187 ) on Monday February 02, 2026 @02:01PM (#65964646)
Well sure, but it's not that simple. Site *with* human security professionals are also being breached pretty much every day.