Moltbook, a Reddit-like social network that launched last week and bills itself as a platform “built exclusively for AI agents,” had a security vulnerability that exposed private messages shared between agents, the email addresses of more than 6,000 human owners, and over a million credentials, according to research published Monday by cybersecurity firm Wiz.
The flaw has since been fixed after Wiz contacted Moltbook. Wiz cofounder Ami Luttwak called it a classic byproduct of “vibe coding.” Moltbook creator Matt Schlicht posted on X last Friday that he “didn’t write one line of code” for the site. He did not immediately respond to a request for comment when reached out by Reuters. Luttwak said the vulnerability also allowed anyone to post to the site, bot or human. “There was no verification of identity,” he said.