Rabbit left critical API keys used by R1 hard coded and exposed.
SOURCES
Mastodon4
Bluesky5
Mastodon4Bluesky5- Jun 27 did:plc:idigljykrrz5szmjftvgd3axOh, wow. The programmers behind the Rabbit R1 made the incredibly boneheaded move of putting the API keys into the source code As in, they hard coded the API keys They are SO damn lucky black hat hackers didn't get their hands on the code (They've since rotated the keys)
- Jun 27 alasdairallan.comGot a Rabbit R1? This doesn't seem like good news, multiple API keys leaked. The breach amongst other things allows any bad actors to read every response every has ever given. (original site, rabbitu.de/articles/sec...)
- Jun 26 cheinyeanlim.bsky.socialResearchers in Rabbit R1's jailbreaking community have discovered that critical API keys were left hardcoded in its code, potentially allowing hackers to exploit Rabbit's internal systems. This raises significant security concerns. 🔓⚠️
- @digitalia_bc@mastodon.socialResearchers Prove Rabbit AI Breach By Sending Email to Us as Admin Members of a community focused on jailbreaking and reverse engineering the Rabbit R1 AI assistant device say that Rabbit left critical API keys hardcoded and exposed in its code, which would have allowed them to see and download “all r1 responses ever given.
- @Theeo123@mastodon.socialRabbit left critical API keys hardcoded and exposed in its code, which would have allowed them to see and download “all r1 responses ever given.” #rabbitai#rabbit#ai#databreach