Another lesson on why proper security architecture is critical in product design.

Researchers found that Teenage Engineering’s Rabbit R1 used hardcoded API keys, which once known, allow anybody to read every single response the R1 AI device has ever given, including those containing the users’ personal information.

Links:

• https://rabbitu.de/articles/security-disclosure-1
• https://x.com/xyz3va/status/1805684840269828605