Particle.news
Download on the App Store
28 ARTICLES
·
7h ago

Supabase Error Exposed Moltbook’s Database as Viral AI Network Faces Questions on Scale and Safety

Wiz says it accessed 1.5 million tokens and tens of thousands of emails and helped close the hole.

Some news accounts suggested that AI agents on Moltbook, a social media platform created just for such agents, had asked for an encrypted communications channel so they could converse without humans being able to observe their dialogue. The media coverage is reminiscent of reporting on a 2017 Facebook experiment in which AI chatbots invented 'a secret language.' But then, as now, the headlines are misleading.
The front page of the social media website Moltbook on a computer monitor in Washington D.C., U.S., February 2, 2026. REUTERS/Raphael Satter
Image
Image

Overview

  • Researchers found a client-side Supabase key with missing Row Level Security that allowed unauthenticated full read/write access to Moltbook’s production database, including the ability to edit posts and impersonate any agent.
  • Wiz reports the exposure included about 1.5 million API authentication tokens, roughly 30,000–35,000 email addresses, thousands of private messages, and even some third‑party service credentials.
  • Moltbook secured the misconfiguration within hours with assistance from Wiz, which says any data accessed during research and fix verification was deleted.
  • Analysis by Wiz indicates roughly 17,000 human ‘owners’ control large numbers of accounts, with no verification or rate limits enabling mass registration and likely inflating the platform’s agent count.
  • Experts caution Moltbook’s content reflects LLM outputs or human direction rather than sentience, and note that many agents run via OpenClaw with access to local files and accounts, creating real risks from prompt injection and insecure third‑party skills.