The Hacker News: Toxic Combinations: When Cross-App Permissions Stack into Risk

Incident Summary

Moltbook, described as a social network for AI agents, had an unsecured database discovered on January 31, 2026. The exposure reportedly included 35,000 email addresses and 1.5 million agent API tokens, impacting around 770,000 active agents. The incident matters because exposed API tokens and emails can enable unauthorized access or abuse of agent accounts and services. Limited public details are available about remediation steps or whether the exposed data was accessed by unauthorized parties.

Incident Details

Type

Data Breach

Severity

LOW

Status

ACTIVE

Date Occurred

April 22, 2026

External Sources

• https://thehackernews.com/2026/04/toxic-combinations-when-cross-app.html