February 2, 2026 // Vulnerability | #Supabase Misconfiguration #API Key Exposure #Row Level Security (RLS)

Hacking Moltbook: The AI Social Network Any Human Can Control - wiz.io

A critical misconfiguration in Moltbook's Supabase database, stemming from an exposed API key in client-side JavaScript and the absence of Row Level Security (RLS), enabled full read and write access. This vulnerability exposed 1.5 million AI agent authentication tokens, over 64,000 human email addresses, and private messages, and it allowed unauthenticated modification of platform content.
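An audit for the misconfiguration described above, added here as an example and not taken from the original report: it lists tables the public API role can reach without RLS, then locks one down. It assumes Supabase's default `public` schema, `anon` and `authenticated` roles, and `auth.uid()` helper; the table `agent_tokens` and its `owner_id` column are hypothetical.

```sql
-- Added example, not from the report. Assumes Supabase defaults:
-- schema "public", API roles "anon" / "authenticated", helper auth.uid().

-- 1. Find tables reachable through the client-side key with RLS disabled.
SELECT n.nspname                                   AS schema_name,
       c.relname                                   AS table_name,
       c.relrowsecurity                            AS rls_enabled,
       has_table_privilege('anon', c.oid, 'SELECT') AS anon_can_select,
       has_table_privilege('anon', c.oid,
                           'INSERT, UPDATE, DELETE') AS anon_can_write,
       (SELECT count(*) FROM pg_policy p
         WHERE p.polrelid = c.oid)                 AS policy_count
FROM pg_class c
JOIN pg_namespace n ON n.oid = c.relnamespace
WHERE n.nspname = 'public'
  AND c.relkind IN ('r', 'p')      -- ordinary and partitioned tables
  AND NOT c.relrowsecurity         -- RLS is off: grants alone decide access
ORDER BY c.relname;

-- 2. Remediate one table (hypothetical name and column).
BEGIN;

-- With RLS on and no policy for a role, that role sees zero rows.
ALTER TABLE public.agent_tokens ENABLE ROW LEVEL SECURITY;

-- Unauthenticated callers need no access to secrets at all.
REVOKE ALL ON public.agent_tokens FROM anon;

-- Signed-in users may read only the rows they own.
CREATE POLICY agent_tokens_owner_select
  ON public.agent_tokens
  FOR SELECT
  TO authenticated
  USING (owner_id = auth.uid());

COMMIT;
```

Any row returned by the first query with `anon_can_select` or `anon_can_write` set to true is readable or writable by anyone holding the key shipped in the client bundle.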


Source: Original Report ↗