Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Moltbook Supabase database exposure

Data Leak
First reported
Last updated
Happening score
H score 24
1 unique sources, 1 articles

Summary

Hide ▲

A misconfigured Supabase database exposed Moltbook data, putting API authentication tokens, email addresses, and private messages at risk of unauthorized access. The exposure mattered because the database was left accessible through client-side JavaScript, and the leaked scope included 1.5 million tokens. That combination created a broad credential and privacy exposure for agents on the platform.

Related Happenings

CISA contractor GitHub repository exposed internal credentials

Data Leak
First: 18.05.2026 23:48 Last: 18.05.2026 23:48 Sources 1

About this happening: A **CISA contractor** left a public **GitHub repository** exposing **AWS GovCloud credentials** and internal access material, creating a serious **data leak** involving sensitive...

Latest development: 22.05.2026 19:34

On May 19, Sen. Maggie Hassan and Rep. Bennie Thompson, with Rep. Delia Ramirez co-signing Thompson’s letter, sent separate letters to CISA demanding answers about the Private-CISA GitHub leak and warning that the credential exposure raised serious concerns about CISA’s internal policies, contract support, and security culture.

Open Happening

Shai-Hulud public GitHub repository credential exposure

Data Leak
First: 18.05.2026 20:28 Last: 18.05.2026 20:28 Sources 1

About this happening: **Shai-Hulud** stole **developer credentials** that were later exposed in **public GitHub repositories**, turning a theft phase into a public leak of access data. The exposed mate...

Open Happening

Moltbook wide-open database exposure

Data Leak
First: 22.04.2026 13:41 Last: 22.04.2026 13:41 Sources 1

About this happening: The **Moltbook** database exposure placed **35,000 email addresses** and **1.5 million agent API tokens** at risk, creating immediate potential for account hijacking and credentia...

Open Happening

Anthropic Claude Code source code leak from NPM release

Data Leak
First: 01.04.2026 03:32 Last: 01.04.2026 03:32 Sources 1

About this happening: Anthropic **mistakenly exposed** proprietary **Claude Code** source code through a **NPM** release, allowing the codebase to be reconstructed and spread online. The leak involved...

Latest development: 02.04.2026 23:30

Threat actors are using fake GitHub repositories to exploit the Claude Code source code leak and lure users searching for leaked Claude Code into downloading a 7-Zip archive that launches ClaudeCode_x64.exe and drops Vidar and GhostSocks; Zscaler says the bogus repository is SEO-optimized for Google Search queries like “leaked Claude Code.”

Open Happening

Trivy environment credentials leak

Data Leak
First: 21.03.2026 19:30 Last: 21.03.2026 19:30 Sources 1

About this happening: The **Trivy** environment credentials leak exposed stolen authentication secrets and helped enable a later compromise, raising the risk of follow-on abuse. The credentials came fr...

Open Happening

Timeline

  1. 08.02.2026 09:32 2 articles · 3mo ago

    Moltbook Supabase database exposure

    Initial Disclosure

    A misconfigured Supabase database belonging to Moltbook exposed secret API keys for registered agents through client-side JavaScript and left the platform data readable and writable without authorization. The exposure scope included 1.5 million API authentication tokens, 35,000 email addresses, and private messages between agents.

    Show sources
    Open in new tab