Unauthenticated Moltbot instances expose configuration data and credentials
Data Leak
Summary
Hide ▲
Show ▼
Hundreds of unauthenticated Moltbot instances were found exposing configuration data, API keys, OAuth credentials, and private chat histories to unauthorized parties. The leak matters because those secrets can enable account impersonation, message injection, and broader access to connected services. It also shows how insecure deployments can turn an AI assistant platform into a source of high-value credential exposure.
Related Happenings
Figure email-record breach
Data Leak
First: 09.04.2026 17:02
Last: 09.04.2026 17:02
Sources 1
About this happening:
The **Figure** data breach exposed **nearly 967,200 email records**, creating a large pool of identifiers that can fuel **credential stuffing** and **targeted phishing**. The expo...
Figure email-record breach
Data LeakAbout this happening: The **Figure** data breach exposed **nearly 967,200 email records**, creating a large pool of identifiers that can fuel **credential stuffing** and **targeted phishing**. The expo...
Proton Meet launches privacy-focused encrypted conferencing service
Security Tool/Service
First: 01.04.2026 01:42
Last: 01.04.2026 01:42
Sources 1
About this happening:
**Proton Meet** launched as a **privacy-focused video conferencing service**, adding **end-to-end encrypted** calls for users who want an alternative to mainstream meeting platfor...
Proton Meet launches privacy-focused encrypted conferencing service
Security Tool/ServiceAbout this happening: **Proton Meet** launched as a **privacy-focused video conferencing service**, adding **end-to-end encrypted** calls for users who want an alternative to mainstream meeting platfor...
Trivy environment credentials leak
Data Leak
First: 21.03.2026 19:30
Last: 21.03.2026 19:30
Sources 1
About this happening:
The **Trivy** environment credentials leak exposed stolen authentication secrets and helped enable a later compromise, raising the risk of follow-on abuse. The credentials came fr...
Trivy environment credentials leak
Data LeakAbout this happening: The **Trivy** environment credentials leak exposed stolen authentication secrets and helped enable a later compromise, raising the risk of follow-on abuse. The credentials came fr...
Anxun Information Technology (i-Soon) internal operations and toolkit leak
Data Leak
First: 17.03.2026 20:41
Last: 17.03.2026 20:41
Sources 1
About this happening:
In **mid-February 2024**, **Anxun Information Technology (i-Soon)** suffered a **data leak** that exposed its **internal operations** and **offensive toolkit**, revealing details...
Anxun Information Technology (i-Soon) internal operations and toolkit leak
Data LeakAbout this happening: In **mid-February 2024**, **Anxun Information Technology (i-Soon)** suffered a **data leak** that exposed its **internal operations** and **offensive toolkit**, revealing details...
LayerX font-rendering PoC exposes a browser-rendering gap in AI assistant analysis
Technical Analysis
First: 17.03.2026 15:59
Last: 17.03.2026 15:59
Sources 1
About this happening:
A **LayerX** proof-of-concept showed that a **font-rendering attack** can hide malicious webpage commands from AI assistants, creating a risk of **unsafe guidance** when the brows...
LayerX font-rendering PoC exposes a browser-rendering gap in AI assistant analysis
Technical AnalysisAbout this happening: A **LayerX** proof-of-concept showed that a **font-rendering attack** can hide malicious webpage commands from AI assistants, creating a risk of **unsafe guidance** when the brows...
Timeline
-
28.01.2026 19:46 2 articles · 3mo ago
Hundreds of Moltbot instances expose secrets
Victim Impact UpdateHundreds of unauthenticated Moltbot instances exposed configuration data, API keys, OAuth credentials, and private chat histories to unauthorized parties, creating a broad secret-leak condition across affected deployments and connected services.
Show sources
- Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware — thehackernews.com — 28.01.2026 19:46
- Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware — thehackernews.com — 28.01.2026 19:46