Connect with us

Hi, what are you looking for?

The Whale CapitalsThe Whale Capitals

Tech News

A group of R1 jailbreakers found a massive security flaw in Rabbit’s code

A photo of the Rabbit R1.
Researchers say Rabbit left secure data vulnerable to bad actors. | Photo: David Pierce / The Verge

Rabbit and its R1 AI gadget are under fire again, and it’s much more serious than the time we found out its launcher really could just be installed as an Android app. A group of developers and researchers called Rabbitude says it discovered API keys hardcoded in the company’s codebase, putting sensitive information at risk of falling into the wrong hands.

These keys essentially provided access to Rabbit’s accounts with third-party services like its text-to-speech provider ElevenLabs and — as confirmed by 404 Media — the company’s SendGrid account, which is how it sends emails from its rabbit.tech domain. According to Rabbitude, its access to these API keys — particularly the ElevenLabs API — meant it could access every response ever…

Continue reading…

You May Also Like

Tech News

Picking up my new passport at the post office. | Photo by Sean Hollister / The Verge Perhaps you’ve heard you can now renew...

Tech News

Brazilian regulators say Meta’s “excessive and unjustified obstacles” make it difficult for users to opt out of AI training. | Illustration: Nick Barclay /...

Tech News

Proton Docs does comments, collaboration, and a bunch of other Google Docs-y things. | Image: Proton Proton Docs looks a lot like Google Docs:...

Politics

There are multiple letters circulating among House Democrats that would call for President Biden to step aside in the 2024 White House race, two...