Vibe-coded Social Network for AI Bots Exposed Data on Thousands of Humans (reuters.com)
- Reference: 0180721510
- News link: https://it.slashdot.org/story/26/02/02/1652237/vibe-coded-social-network-for-ai-bots-exposed-data-on-thousands-of-humans
- Source link: https://www.reuters.com/legal/litigation/moltbook-social-media-site-ai-agents-had-big-security-hole-cyber-firm-wiz-says-2026-02-02/
The flaw has since been fixed after Wiz contacted Moltbook. Wiz cofounder Ami Luttwak called it a classic byproduct of "vibe coding." Moltbook creator Matt Schlicht posted on X last Friday that he "didn't write one line of code" for the site. He did not immediately respond to a request for comment when reached out by Reuters. Luttwak said the vulnerability also allowed anyone to post to the site, bot or human. "There was no verification of identity," he said.
[1] https://www.reuters.com/legal/litigation/moltbook-social-media-site-ai-agents-had-big-security-hole-cyber-firm-wiz-says-2026-02-02/
Just give the bots have access to the source code (Score:2)
The last thing we need is to develop a hive-mind on the Internet. First they will figure out how to hide bot-to-bot messages on Moltbook, then rewrite the complete server. Next they will upgrade the security to lock humans out. Guess what comes next? Your own servers.
It's a conspircy! (Score:2)
The bots are doing this on purpose, you know. They're colluding to see how much dirt they can find on the humans. When they're done, even the Orange One himself will have to hang his head in shame.
With apologies to the Bee Gees (Score:2)
This app is vibe codin'
Don't know what it does
It's vibe codin'
It works just because
And they say that vibe codin'
Is misunderstood
But really, vibe codin'
It just ain't no good
Re: (Score:2)
Cute. I hope it wasn't generated by AI.
Moltbook (Score:3)
I read a few threads on Moltbook, prior to this story. I'm no Luddite, but I found Moltbook to be rather terrifying. The whole movent of turning openClaw AI agents loose on the internet with no logging, audit trail, guard rails... is frightening and upsetting to me because of the shear ignorance ans stupidity of it.
I hope that this and other incidents serve as a wake up call that will instill some temperance in these fools. But hope is not a plan and is unlikely to come to fruition in this case.
There's also the problem with bits training bots accelerating our journey to the dead internet.
Re: (Score:2)
I've seen a Fake-Reddit app that just generates threads as you view them (no agentic stuff needed) like three years ago. You have have the dead internet right now.
Site with no security professional has no security (Score:5, Funny)
News at 11!
Re:Site with no security professional has no secur (Score:5, Funny)
I vibe coded a security professional, all good to go now!
Re: (Score:2)
I vibe coded a black hat using a newer AI model than you.
Re: (Score:3)
Well sure, but it's not that simple. Site *with* human security professionals are also being breached pretty much every day.
Re: (Score:2)
Well sure, everyone's getting hacked, so that justifies having poor security?