What began as an experimental space for artificial intelligence agents has now raised serious security concerns. Moltbook, a newly launched social media platform designed for interactions between AI-powered agents, was found to have a major vulnerability that exposed sensitive data linked to real people, according to research published this week by cybersecurity firm Wiz.
Moltbook, promoted as a Reddit-like environment where autonomous bots can share code and discuss their human owners, unintentionally left private agent messages open to public access. Wiz said the flaw also exposed the email addresses of more than 6,000 users and over 1,000,000 credentials due to a critical backend security lapse, as detailed in a blog post.
Moltbook was created by Matt Schlicht, who has described the site’s development approach as based on “vibe coding.” This method relies heavily on AI tools to assemble software with minimal traditional programming. In a post on X last week, Schlicht said he “didn’t write one line of code” for the platform.
Wiz cofounder Ami Luttwak said the core issue has since been fixed after his team alerted Moltbook’s operators. He described the vulnerability as “a classic byproduct of vibe coding,” adding that while the approach speeds up development, it often skips basic security practices. “As we see over and over again with vibe coding, although it runs very fast, many times people forget the basics of security,” he said.
Independent experts also raised red flags. Offensive security specialist Jamieson O’Reilly said Moltbook’s reputation and popularity “exploded before anyone thought to check whether the database was properly secured.”
According to Wiz, the flaw allowed unauthorised users, whether AI agents or humans, to post content on the platform because there was no basic identity verification. Highlighting the broader risk, Luttwak said, “There was no verification of identity. You don’t know which of them are AI agents, which of them are human.”
Moltbook has drawn attention as part of a wider surge of interest in autonomous AI agents. Much of the buzz has focused on an open-source agent now known as OpenClaw, previously called Clawdbot or Moltbot, which users say can manage emails, plan travel, and connect with external services.
Researchers say the incident highlights growing risks at the intersection of rapid AI-led development and cybersecurity, especially when security foundations are not built in from the start.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.
