SecureYourVibe Research

The Moltbook Breach: 1.5 Million API Keys Leaked

A Bolt-built Notion clone exposed 1.5 million API keys through client-side JavaScript. It's the biggest vibe-coded data breach yet — and it wasn't the only one.

What Happened

In late 2025, security researchers discovered that Moltbook — a Notion-like productivity app built using Bolt, one of the most popular AI coding platforms — had been leaking sensitive data at a staggering scale.

The app's Supabase database credentials were hardcoded in client-side JavaScript. Not hidden behind a server. Not in environment variables. Right there, in the browser, for anyone who pressed F12.

Those exposed credentials gave access to:

1.5M: API keys exposed
F12: all it took to find them
$$: stolen keys = charges on victims' accounts

Think about what 1.5 million stolen API keys means. Each one is a billing credential. An attacker with your OpenAI key can run up thousands of dollars in API charges. Multiply that by 1.5 million keys, and you're looking at one of the most expensive data breaches in the AI era.


How It Happened

The root cause was breathtakingly simple. When Bolt generated the app, it put the Supabase connection URL and anonymous key directly into the frontend JavaScript bundle. The developer — likely a non-technical founder using AI to build fast — shipped it as-is.

Here's the thing: this is what Bolt does by default. And Bolt isn't alone.

When you tell an AI coding tool to "connect to my database," it connects to your database. It doesn't automatically:

The AI gives you a working app. "Working" and "secure" are different things.


Moltbook Wasn't Alone

Within months of the Moltbook disclosure, two more major incidents proved this wasn't a one-off — it was a pattern.

CVE-2025-48757 · LOVABLE PLATFORM

Lovable: 170+ Apps Exposed User Data

Security researcher Youssef Sammouda discovered that apps generated by Lovable — one of the fastest-growing AI coding platforms — were missing Supabase Row-Level Security (RLS) by default.

This meant that any authenticated user of a Lovable-generated app could access every other user's data by making direct Supabase queries. No hacking required. Just standard API calls that the database happily answered because nobody told it not to.

The researchers found over 170 production apps with this vulnerability. Lovable issued a patch, but every app built before the fix had to be manually updated.

DISCLOSED 2025 · BASE44 PLATFORM

Base44: Every User's Project Accessible Without Auth

Base44, another AI app builder, had an even more fundamental problem. Researchers found that all user-created projects were accessible to unauthenticated visitors. No login needed. No exploit needed. Just visit the right URL.

This exposed source code, database schemas, API keys, and user data for every app built on the platform.


The Pattern: AI Tools Ship Without Database Security

Same Root Cause, Three Times

All three incidents — Moltbook, Lovable, and Base44 — share the same fundamental problem: the AI tool generated a working app but didn't secure the database layer.

Credentials were exposed in client-side code. Row-Level Security was disabled or missing. Backend authorization was nonexistent. The apps worked perfectly — anyone could use them. Unfortunately, "anyone" included attackers.

This is the dirty secret of vibe coding in 2025-2026. The AI tools are incredible at building functional apps. They handle routing, UI components, state management, and API integrations with ease. But they consistently fail at the invisible stuff — the security plumbing that prevents strangers from reading your database.

Why? Because security isn't part of the prompt. When you say "build me a Notion clone," the AI optimizes for making it look and work like Notion. Database security is a constraint the AI doesn't know to add unless you explicitly ask for it.


What You Should Check Right Now

If you've built an app with any AI coding tool that connects to Supabase, Firebase, or any database, check these three things:

Check 1: Database credentials in client JS
Why it matters: Anyone can open DevTools and steal them.
How to check: View Page Source or press F12, then search for "supabase", "firebase" and "apiKey".

Check 2: Row-Level Security enabled
Why it matters: Without RLS, any user can query any other user's data.
How to check: In the Supabase dashboard, go to Authentication → Policies and confirm that every table has policies.

Check 3: API key permissions
Why it matters: The anon key should only allow minimal operations.
How to check: Review your Supabase API settings and ensure the anon key can't access admin endpoints.
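The fix for the missing-RLS problem described in the Lovable section, together with the RLS check above, as an added example that is not part of the original post: Supabase Row-Level Security policies for a hypothetical public.documents table with an owner_id column, followed by the two audit queries to run in the SQL editor. The anon key shipped to the browser is only as safe as these policies make it.

```sql
-- Added example (not from the original post): the Supabase RLS policies
-- that would have stopped the Lovable-style leak. Table public.documents
-- and column owner_id are hypothetical; the pattern is standard Supabase.

-- 1. Enable RLS. Until this runs, the anon key in the browser bundle can
--    read and write every row of the table.
alter table public.documents enable row level security;

-- 2. Reads: a signed-in user sees only rows they own. auth.uid() is the
--    caller's Supabase user id and is NULL for anonymous requests, so
--    unauthenticated callers match no rows at all.
create policy "documents_select_own" on public.documents
  for select to authenticated
  using (owner_id = auth.uid());

-- 3. Inserts: rows must carry the caller's own id, so nobody can create
--    documents "as" another user.
create policy "documents_insert_own" on public.documents
  for insert to authenticated
  with check (owner_id = auth.uid());

-- 4. Updates: the existing row must be the caller's (USING) and it must
--    still be theirs afterwards (WITH CHECK), blocking owner reassignment.
create policy "documents_update_own" on public.documents
  for update to authenticated
  using (owner_id = auth.uid())
  with check (owner_id = auth.uid());

create policy "documents_delete_own" on public.documents
  for delete to authenticated
  using (owner_id = auth.uid());

-- 5. Audit query: public tables with RLS still off. Every table listed
--    here is fully readable by anyone holding the anon key.
select schemaname, tablename
from pg_tables
where schemaname = 'public' and not rowsecurity;

-- 6. Audit query: RLS on but no policies written. That denies all access
--    (the app breaks rather than leaks), but it flags tables whose access
--    rules were never thought through.
select t.tablename
from pg_tables t
left join pg_policies p
  on p.schemaname = t.schemaname and p.tablename = t.tablename
where t.schemaname = 'public' and t.rowsecurity and p.policyname is null;
```

The service_role key bypasses RLS entirely, so it belongs only on a server, never in the client bundle that the first check above inspects.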

Or just run a scan. SecureYourVibe checks for exposed database credentials, API keys in client-side JavaScript, and missing security configurations — automatically.


The Bigger Picture

The Moltbook breach isn't just a cautionary tale about one app. It's a preview of what happens when millions of people build production apps without understanding database security.

The AI tools will get better at this. Lovable has already started enabling RLS by default. Bolt and others are likely to follow. But right now, in February 2026, the vast majority of vibe-coded apps running in production were built before these fixes existed.

If you shipped an AI-built app in 2025, there's a good chance it has the same class of vulnerability that exposed 1.5 million API keys. The only difference is whether anyone has found yours yet.

Is your database exposed?

SecureYourVibe scans for exposed credentials, missing RLS, and client-side secrets. Free, no signup, 30 seconds.


Further Reading

Published by SecureYourVibe — the free security scanner for AI-built apps.

Incident details sourced from CyberNews, StealthMole, and independent security researcher disclosures.
