Rabbit R1 AI has been compromised due to hardcoded API keys in its code, exposing sensitive data. A group of security researchers and developers known as 'Rabbitude' gained access to these API keys, allowing them to view every response the R1 has ever provided. This breach potentially allows hackers to access responses, text-to-speech, and email services, and even impersonate the company. The security flaw was initially reported by 404Media Co and highlighted by various sources, including The Verge and TimesNow. Additionally, jailbreakers uncovered vulnerabilities that let internal data be viewed by anyone.
"A group of R1 jailbreakers found a massive security flaw in Rabbit’s code" — The Verge Get the lowdown in our latest thread below! 1/7 🧵 https://t.co/eEQrn0YtXE
Rabbit R1 jailbreakers uncover huge security flaws, including some that let internal data be viewed by literally anyone #rabbitr1 #vulnerability #hacking https://t.co/9zSt0sQ0Nd https://t.co/YMLvB93zvI
Rabbit R1 has a major security flaw in its code https://t.co/SiwYTrcvnb
A group of security researchers and developers called 'Rabbitude' has apparently gained access to Rabbit's API keys, allowing them to see every response the R1 has ever provided. #Rabbit #RabbitR1 https://t.co/bDWK7A0xzH
Rabbit R1 AI Device Hacked, Exposing Major Security Flaws and User Data: All Details Here https://t.co/kK0j4EhWCo
A group of security researchers and developers called 'Rabbitude' has apparently gained access to Rabbit's API keys, allowing them to see every response the R1 has ever provided. #RabbitR1 #Rabbit https://t.co/bDWK7A0xzH
Silly Rabbit R1, Trix are for kids! Rabbit R1 AI's hardcoded API keys exposed sensitive data, allowing hackers to access responses, text-to-speech, and email services, potentially impersonating the company. Source: 404Media Co https://t.co/r3RKfF7ei4