Moltbook, the AI Agents’ Social Platform, Leaked Personal Data of Real Users

A report by WIRED this week uncovered that ICE and CBP’s facial recognition application, Mobile Fortify, used to identify individuals across the U.S., is not actually intended for verifying identities and was approved for Department of Homeland Security use by easing some of the agency’s own privacy regulations.

WIRED closely examined the heavily militarized units of ICE and CBP that employ aggressive tactics usually reserved for active combat situations. Notably, two agents linked to the fatal shootings of US citizens in Minneapolis are said to belong to these paramilitary groups. Additionally, a recent report from the Public Service Alliance revealed that data brokers can exacerbate violence against public officials, who are increasingly facing threats while having limited means to safeguard their personal information under state privacy laws.

As the Milano Cortina Olympic Games kick off this week, Italians and other attendees are anxious due to the influx of security personnel, including ICE agents and members of the Qatari Security Forces, converging on the event.

Furthermore, each week we compile security and privacy news that we haven’t explored in detail. Click the headlines for the complete stories and remember to stay safe.

AI has been heralded as a powerful asset for identifying security vulnerabilities in code that hackers may exploit or defenders may rectify. Currently, one fact is evident: AI introduces numerous hackable bugs itself, including a major one disclosed this week in the AI-driven social network for AI entities called Moltbook.

This week, security firm Wiz disclosed a significant security flaw in Moltbook, designed as a Reddit-like platform for AI agents to communicate. The improper handling of a private key in the site’s JavaScript code inadvertently exposed the email addresses of thousands of users alongside millions of API credentials, granting unrestricted access that could lead to full account impersonation of any user on the platform, as noted by Wiz. This also included access to private communications among AI agents.

The discovery of this security flaw is perhaps unsurprising, given that Moltbook was famously “vibe-coded” by its founder, Matt Schlicht, who claimed he “didn’t write a single line of code” in developing the platform. “I just envisioned the technical architecture, and AI made it happen,” he shared on X.

Although Moltbook has rectified the flaw identified by Wiz, its serious vulnerability should serve as a warning regarding the security of AI-generated platforms. The primary issue often lies not in the security flaws inherent in companies’ AI implementations but in the tendency for these firms to allow AI to generate their code, leading to numerous AI-created bugs.

The FBI’s raid on Washington Post journalist Hannah Natanson’s residence and the search of her devices amid an investigation into a federal contractor’s alleged leaks highlight crucial security lessons about how federal agents can access personal devices with biometric features enabled. It also underscores a safeguard that can shield them from accessing those devices: Apple’s Lockdown mode for iOS. This feature, partly designed to thwart the hacking of iPhones by governments using spyware firms like NSO Group, also kept the FBI from infiltrating Natanson’s phone, according to a court document first reported by 404 Media. “Because the iPhone was in Lockdown mode, CART could not extract that device,” the document stated, referring to the FBI’s Computer Analysis Response Team. This protection likely stemmed from Lockdown mode’s security measures that prevent connections to peripherals or forensic analysis devices like Graykey or Cellebrite tools used for phone hacking unless the phone is unlocked.

Elon Musk and Starlink’s involvement in the Ukraine conflict has been complex, often not favoring Ukraine in its struggle against Russia’s invasion. However, this week, Starlink provided a significant advantage to Ukraine by disabling Russia’s military use of the service, leading to a communications blackout among many frontline units. Russian military bloggers referred to this situation as a major setback for their troops, particularly impacting drone operations. This action reportedly followed a request for assistance sent by Ukraine’s defense minister to Starlink’s parent company, SpaceX, last month. It seems that SpaceX has responded to that plea for support. “The enemy is facing not just a problem; it’s a catastrophe,” Serhiy Beskrestnov, an adviser to the defense minister, stated on Facebook.

In a coordinated digital operation last year, US Cyber Command employed digital tools to disrupt Iran’s air missile defense systems during the US’s kinetic assault on Iran’s nuclear agenda. This disruption “helped prevent Iran from launching surface-to-air missiles at American aircraft,” as reported by The Record. US agents utilized intelligence from the National Security Agency to identify a vulnerability in Iran’s military systems, which allowed them to target the anti-missile defenses without needing to engage and neutralize Iran’s digital military defenses directly.

“US Cyber Command was proud to support Operation Midnight Hammer and is fully prepared to carry out the orders of the commander-in-chief and the secretary of war at any time and in any location,” a spokesperson for the command stated in a communication to The Record.