CyberHappenings logo
☰
🏠 Home πŸ“‚ Browse ℹ️ About

Track cybersecurity events as they unfold. Sourced timelines, daily updates. Fast, privacy‑respecting. No ads, no tracking.

Vyro AI Leak Exposes User Data from Three Applications

First reported
Last updated
πŸ“° 1 unique sources, 1 articles

Summary

Hide β–²

Vyro AI, a maker of AI-content creation applications, has exposed 116GB of sensitive user data from three of its products: ImagineArt, Chatly, and Chatbotx. The data, which includes AI prompts, bearer authentication tokens, and user agents, was first indexed by IoT search engines in February 2025. The leak could have been visible to attackers for months, potentially allowing for monitoring user behavior, extracting sensitive information, and hijacking user accounts. The exposed data involved production and development environments, consisting of roughly two days to one week's worth of logs. The leak highlights the risks associated with poor cyber hygiene in AI applications, particularly as companies rush to claim their stake in the AI boom.

Timeline

  1. 12.09.2025 00:01 πŸ“° 1 articles Β· ⏱ 5d ago

    Vyro AI Data Leak Discovered in September 2025

    Vyro AI, a maker of AI-content creation applications, has exposed 116GB of sensitive user data from three of its products: ImagineArt, Chatly, and Chatbotx. The data, which includes AI prompts, bearer authentication tokens, and user agents, was first indexed by IoT search engines in February 2025. The leak could have been visible to attackers for months, potentially allowing for monitoring user behavior, extracting sensitive information, and hijacking user accounts. The exposed data involved production and development environments, consisting of roughly two days to one week's worth of logs. The leak highlights the risks associated with poor cyber hygiene in AI applications, particularly as companies rush to claim their stake in the AI boom.

    Show sources
    Open in new tab

Information Snippets

  • Vyro AI, based in Pakistan, has over 150 million app downloads across its portfolio.

    First reported: 12.09.2025 00:01
    πŸ“° 1 source, 1 article
    Show sources

  • The most popular application, Chatly, has over 100,000 downloads.

    First reported: 12.09.2025 00:01
    πŸ“° 1 source, 1 article
    Show sources

  • The leaked data includes AI prompts, bearer authentication tokens, and user agents.

    First reported: 12.09.2025 00:01
    πŸ“° 1 source, 1 article
    Show sources

  • The data was first indexed by IoT search engines in February 2025, indicating potential exposure for months.

    First reported: 12.09.2025 00:01
    πŸ“° 1 source, 1 article
    Show sources

  • The leak involved production and development environments, consisting of logs ranging from two days to one week.

    First reported: 12.09.2025 00:01
    πŸ“° 1 source, 1 article
    Show sources

  • The exposed tokens could allow for account hijacking, providing access to full chat history, generated images, and illegitimate purchases of AI tokens.

    First reported: 12.09.2025 00:01
    πŸ“° 1 source, 1 article
    Show sources

  • Research from Harmonic Security found that 22% of files and 4% of prompts submitted to GenAI tools contained sensitive information.

    First reported: 12.09.2025 00:01
    πŸ“° 1 source, 1 article
    Show sources