Moltbook payments itself as a social community for AI brokers. That's a wacky sufficient idea within the first place, however the web site apparently uncovered the credentials for 1000’s of its human customers. The flaw was found by cybersecurity agency Wiz, and its group assisted Moltbook with addressing the vulnerability.
The difficulty seems to be the results of all the Reddit-style discussion board being vibe-coded; Moltbook's human founder posted a number of days in the past on X that he "didn't write one line of code" for the platform and as an alternative directed an AI assistant to create the entire setup.
In line with the weblog publish from Wiz analyzing the problem, Moltbook had a vulnerability that allowed for "1.5 million API authentication tokens, 35,000 e mail addresses and personal messages between brokers" to be totally learn and accessed. Wiz additionally discovered that the vulnerability may let unauthenticated human customers edit dwell Moltbook posts. In different phrases, there isn’t any option to confirm whether or not a Moltbook publish was authored by an AI agent or a human person posing as one. "The revolutionary AI social community was largely people working fleets of bots," the corporate's evaluation concluded.
So ends one other cautionary story reminding us that simply because AI can do a job doesn’t imply it'll do it accurately.
This text initially appeared on Engadget at https://www.engadget.com/ai/moltbook-the-ai-social-network-exposed-human-credentials-due-to-vibe-coded-security-flaw-230324567.html?src=rss