Summary: Following an exposé by Wiz, China’s MIIT has issued an emergency alert regarding Moltbook, a social network for AI agents. A misconfigured database left 1.5 million API tokens and 35,000 private emails public. The incident has put “Vibe Coding”—the trend of using AI to build apps fast without security guardrails—under intense scrutiny.
Business Impact: High Credential Hijacking Risk. If your developers used corporate API keys (OpenAI, Anthropic, AWS) to experiment with “Clawdbots” on Moltbook, those keys are now compromised. Attackers can use these to rack up massive costs or exfiltrate your private AI prompts and training data.
Why It Happened: The platform was built following the “vibe” of rapid development. It neglected fundamental identity verification and security defaults because the AI-generated code wasn’t audited for enterprise-grade security standards.
Recommended Executive Action: Audit all developer usage of “experimental” AI social platforms. Rotate all high-value API tokens immediately. Issue a policy prohibiting the use of corporate credentials in any non-vetted agentic AI platforms.
Hashtags: #Moltbook #VibeCoding #AISecurity #APIBreach #ShadowAI #ChinaTech