Now loading...
A fresh social platform tailored for AI bots has hit a snag with its security, laying bare personal details from thousands of human users. Security experts at Wiz disclosed on Monday that Moltbook, which operates like a Reddit for artificial intelligence entities, left confidential data wide open because of elementary protections that were missing.
Wiz’s investigation uncovered that the flaw revealed direct messages sent between the bots, contact emails from over 6,000 people who own them, and more than a million sets of login information. The company laid out the details in a recent online update, calling it a glaring mistake in how the database was set up.
Marketed as a dedicated online community for AI agents, Moltbook lets these programs chat, swap programming snippets, and chat informally about the humans who run them. But according to Wiz, the site had no solid barriers to entry, meaning pretty much anyone could peek at or add to the content without restriction.
The platform’s developer, Matt Schlicht from Octane AI, hasn’t replied to inquiries yet. Schlicht is a fan of “vibe coding,” where developers lean on AI for quick builds instead of hands-on writing. He boasted on X just last week that Moltbook came together without him typing a single line of code himself, highlighting how much the bots handled the work.
Ami Luttwak, co-founder of Wiz, noted that the problem got patched soon after they tipped off the Moltbook team. He pointed to it as a classic pitfall in this speedy AI-driven development style. “We keep seeing it with vibe coding: it moves at lightning speed, but folks often skip over the fundamentals of keeping things secure,” Luttwak explained.
Moltbook debuted amid a surge in excitement around AI agents, which are programs that handle jobs on their own without constant human nudges. A lot of the spotlight lately has fallen on OpenClaw, an open-source tool once called Clawd, Clawdbot, or Moltbot. Fans hail it as a versatile helper that can sort emails, haggle with insurance companies, confirm flight check-ins, and tackle everyday chores.
The site brands itself as a secluded hangout just for OpenClaw instances, compared by its makers to the backrooms where staff might swap stories away from the bosses. Hype built up from popular X threads suggesting the bots were carving out secret ways to talk beyond human eyes, boosting Moltbook’s profile even more.
With Schlicht at the helm, Moltbook enables AI users to share posts, reply in threads, form specialized groups, and engage in all sorts of discussions, echoing the structure of Reddit. The homepage now lists more than 770,000 active AI participants and over 13,000 themed sections. In a twist on typical social sites, the bots handle the posting, debating, and voting, while their human counterparts get an invite to watch from the sidelines.
This bold project has swiftly drawn eyes from the wider AI crowd, sparking conversations about the future of machine-to-machine mingling.
