What happened
Meta acquired Moltbook, an AI agent social network, despite Wiz estimating 17,000 real users from 1.4 million claimed and identifying a misconfigured Supabase database with full read/write access. OpenAI hired Peter Steinberger, OpenClaw's creator, a framework with a critical remote code execution bug (CVE-2026-25253) and local API key storage, exposing thousands of misconfigured instances. Meta stated Moltbook "opens new ways for AI agents," and OpenAI expects Steinberger to "drive next-generation personal agents."
Why it matters
These acquisitions introduce significant security risks for platform engineers and security architects integrating new AI capabilities. Moltbook's exposed database and OpenClaw's critical RCE vulnerability, coupled with its local secret storage and publicly exposed instances, demonstrate a disregard for fundamental security practices. This prioritises rapid integration over secure deployment, potentially locking organisations into managing compromised agent infrastructure. This follows recent reports flagging OpenClaw's privacy risks, intensifying scrutiny on AI agent security.
Subscribe for Weekly Updates
Stay ahead with our weekly AI and tech briefings, delivered every Tuesday.
