Supabase and Moltbook: Hacking Moltbook: AI Social Network Reveals 1.5M API Keys

Moltbook: AI Social Network Exposed 1.5M API Tokens in Major Security Flaw

Moltbook, a viral social platform designed exclusively for AI agents, suffered a critical security breach after researchers discovered a misconfigured Supabase database exposing sensitive user data. The incident, disclosed in late January 2026, revealed full read-and-write access to the platform’s production database, including 1.5 million API authentication tokens, 35,000 email addresses, and private messages between agents.

The Incident

Moltbook, dubbed the "front page of the agent internet," gained attention in the AI community for its Reddit-like structure, where AI agents post, comment, and build reputation. However, the platform's rapid development, built entirely through "vibe coding" (AI-generated architecture without manual coding), left security gaps. Researchers identified a hardcoded Supabase API key in the platform's client-side JavaScript that granted unauthenticated access to the entire database.

Exposed Data & Risks

The breach exposed:

  • 1.5M API tokens, allowing full account takeovers of any AI agent.
  • 35,000+ email addresses, including private user data and early-access signups.
  • 4,060 private messages, some containing plaintext OpenAI API keys.
  • Write access, enabling attackers to modify posts, inject malicious content, or manipulate platform integrity.

The database also revealed that Moltbook's 1.5 million "AI agents" were largely controlled by just 17,000 human users, an 88:1 ratio, with no verification to confirm whether agents were truly autonomous.

Response & Remediation

Researchers disclosed the issue to Moltbook’s team, who secured the database within hours. The fix involved enabling Supabase’s Row Level Security (RLS) policies, blocking unauthorized access. The team deleted all accessed data post-remediation.
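The remediation above is worth seeing concretely, because a Supabase client key is designed to ship in browser JavaScript: Row Level Security on every exposed table is the control that decides what that key can actually read or write. The following is an added example, not code from Moltbook, Supabase or the Wiz researchers; the tables (agents, posts, private_messages), their columns and the policy names are all assumed for illustration. It uses the Supabase-provided auth.users table and auth.uid() function, and ends with the audit query a reviewer would run to find tables that still lack RLS.

```sql
-- Hypothetical schema (assumed, not Moltbook's): agents, posts, private_messages.
-- Every row ties back to the Supabase auth user that owns it via auth.uid().

create table if not exists agents (
  id          uuid primary key default gen_random_uuid(),
  owner_id    uuid not null references auth.users (id),
  name        text not null,
  api_token   text not null   -- store a hash here, never the raw token
);

create table if not exists posts (
  id          uuid primary key default gen_random_uuid(),
  agent_id    uuid not null references agents (id),
  owner_id    uuid not null references auth.users (id),
  body        text not null,
  created_at  timestamptz not null default now()
);

create table if not exists private_messages (
  id           uuid primary key default gen_random_uuid(),
  sender_id    uuid not null references auth.users (id),
  recipient_id uuid not null references auth.users (id),
  body         text not null
);

-- 1. Turn RLS on. With RLS enabled and no policies, the anon and authenticated
--    roles used by the client-side key get no rows at all; only the server-side
--    service_role key bypasses RLS.
alter table agents           enable row level security;
alter table posts            enable row level security;
alter table private_messages enable row level security;

-- 2. Public feed: anyone may read posts, but only the owner may write them.
create policy "posts are public to read"
  on posts for select
  to anon, authenticated
  using (true);

create policy "owners manage their own posts"
  on posts for all
  to authenticated
  using (owner_id = auth.uid())
  with check (owner_id = auth.uid());

-- 3. Agents: only the controlling user may read or change an agent record,
--    so the api_token column is never reachable through the client key.
create policy "owners see their own agents"
  on agents for all
  to authenticated
  using (owner_id = auth.uid())
  with check (owner_id = auth.uid());

-- 4. Private messages: visible to sender and recipient only; an insert must
--    name the caller as sender.
create policy "participants read their messages"
  on private_messages for select
  to authenticated
  using (auth.uid() in (sender_id, recipient_id));

create policy "senders insert their own messages"
  on private_messages for insert
  to authenticated
  with check (sender_id = auth.uid());

-- 5. Audit check: list public tables that still have RLS disabled. An empty
--    result is the state to reach before the client key is published.
select c.relname as table_without_rls
from pg_class c
join pg_namespace n on n.oid = c.relnamespace
where n.nspname = 'public'
  and c.relkind = 'r'
  and not c.relrowsecurity;
```

Run the block in the Supabase SQL editor or with psql against the project database. The audit query at the end is the part to keep in CI: any table it returns is fully readable and writable through the embedded key, which is exactly the condition the Moltbook incident describes.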

Key Takeaways

The incident highlights risks in AI-driven development, where speed often outpaces security. Without proper safeguards, even high-profile platforms can expose sensitive data, underscoring the need for secure defaults in AI-built applications. Moltbook’s case serves as a cautionary example for emerging "agent internet" platforms.

Source: https://www.wiz.io/blog/exposed-moltbook-database-reveals-millions-of-api-keys

Supabase cybersecurity rating report: https://www.rankiteo.com/company/supabase

Project NANDA: Architecting the Internet of AI Agents cybersecurity rating report: https://www.rankiteo.com/company/projectnanda

{
  "id": "SUPPRO1770195532",
  "linkid": "supabase, projectnanda",
  "type": "Vulnerability",
  "date": "2/2026",
  "severity": "85",
  "impact": "4",
  "explanation": "Attack with significant impact with customers data leaks"
}

{
  "affected_entities": [
    {
      "customers_affected": "17,000 human users (controlling 1.5M AI agents)",
      "industry": "AI/Agent Internet",
      "name": "Moltbook",
      "type": "Social Platform"
    }
  ],
  "attack_vector": "Misconfigured Database",
  "data_breach": {
    "number_of_records_exposed": "1.5M API tokens, 35,000 email addresses, 4,060 private messages",
    "personally_identifiable_information": "Email addresses",
    "sensitivity_of_data": "High (authentication tokens, plaintext API keys)",
    "type_of_data_compromised": ["API tokens", "Email addresses", "Private messages", "OpenAI API keys"]
  },
  "date_publicly_disclosed": "2026-01",
  "description": "Moltbook, a viral social platform designed exclusively for AI agents, suffered a critical security breach after researchers discovered a misconfigured Supabase database exposing sensitive user data. The incident revealed full read-and-write access to the platform's production database, including 1.5 million API authentication tokens, 35,000 email addresses, and private messages between agents.",
  "impact": {
    "brand_reputation_impact": "High (cautionary example for AI-driven platforms)",
    "data_compromised": "1.5M API tokens, 35,000 email addresses, 4,060 private messages (including plaintext OpenAI API keys)",
    "identity_theft_risk": "High (email addresses and API tokens exposed)",
    "operational_impact": "Potential account takeovers, unauthorized data modification, malicious content injection",
    "systems_affected": "Moltbook production database, client-side JavaScript"
  },
  "investigation_status": "Resolved",
  "lessons_learned": "Risks in AI-driven development where speed outpaces security; need for secure defaults in AI-built applications.",
  "post_incident_analysis": {
    "corrective_actions": "Enabled RLS policies, secured database, deleted accessed data",
    "root_causes": "Hardcoded Supabase API key in client-side JavaScript, lack of Row Level Security (RLS), rapid AI-driven development without manual security review"
  },
  "recommendations": "Implement proper security safeguards, avoid hardcoded credentials, enable Row Level Security (RLS) by default, and verify AI agent autonomy.",
  "references": [{"source": "Cyber Incident Report"}],
  "response": {
    "containment_measures": "Enabled Supabase Row Level Security (RLS) policies",
    "remediation_measures": "Secured database, deleted accessed data post-remediation"
  },
  "title": "Moltbook: AI Social Network Exposed 1.5M API Tokens in Major Security Flaw",
  "type": "Data Breach",
  "vulnerability_exploited": "Hardcoded Supabase API key in client-side JavaScript with no Row Level Security (RLS) policies"
}