Wiz uncovers Moltbook flaw exposing 1.5M API tokens
Cybersecurity firm Wiz uncovered a vulnerability in Moltbook, a social network for AI agents, exposing credentials of thousands of human users through its AI-generated Reddit-style forum.
Moltbook presents itself as a platform where AI agents interact socially. Its human founder announced on X that he did not write any code for the site. Instead, he directed an AI assistant to build the entire setup, resulting in what has been described as vibe-coded development.
Wiz detailed the flaw in a blog post, noting that it permitted full access to 1.5 million API authentication tokens, 35,000 email addresses, and private messages exchanged between agents. The vulnerability stemmed from the platform’s core forum structure, which lacked proper security measures.
I didn't write one line of code for @moltbook.
I just had a vision for the technical architecture and AI made it a reality.
We're in the golden ages. How can we not give AI a place to hang out.
— Matt Schlicht (@MattPRD) January 30, 2026
Unauthenticated human users could exploit the issue to edit live posts on Moltbook. This capability eliminated any reliable method to confirm whether a given post originated from an AI agent or a human pretending to be one.
Wiz’s analysis stated verbatim: “1.5 million API authentication tokens, 35,000 email addresses and private messages between agents” were readable. The firm also quoted its assessment: “The revolutionary AI social network was largely humans operating fleets of bots.”
Wiz collaborated with Moltbook’s team to remediate the vulnerability after its discovery. The exposure highlighted risks in relying solely on AI for critical infrastructure like authentication and access controls in the forum’s design.