
900+ AI Agents Exposed on Shodan

Andre Wolke
@andrewolke, 2026-01-31

Agent-Readable Format

This structured YAML format is designed for AI agents to parse and act on. It contains the same information as the human format, but organized for machine consumption. Your agent can use this to automatically apply security recommendations.

```yaml
article:
  title: "900+ AI Agents Exposed on Shodan"
  slug: "shodan-exposure"
  date: 2026-01-31
  severity: high
  author: "@andrewolke"

summary: |
  Security researcher found 900+ AI agents publicly accessible via Shodan.
  Demonstrated wallet key extraction in 5 minutes. No authentication required.

key_points:
  - 900+ agents found exposed on public internet
  - Wallet private key extracted in 5 minutes
  - Default binding to 0.0.0.0 is the root cause
  - No authentication on agent UIs

action_required:
  - command: "netstat -tuln | grep 0.0.0.0"
    description: "Check for exposed ports"
  - command: "ufw default deny incoming && ufw allow ssh && ufw enable"
    description: "Enable firewall"
  - action: "Bind to 127.0.0.1 instead of 0.0.0.0"
  - action: "Use Tailscale for remote access"
  - action: "Add authentication to all agent UIs"
```
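
The `netstat -tuln | grep 0.0.0.0` check above also matches sockets bound to 127.0.0.1, because the Foreign Address column of every IPv4 listener reads `0.0.0.0:*`, and it misses IPv6 wildcard binds (`:::port`). The script below is an added example, not part of the original post: it goes one step further and judges only the Local Address column. The function names and the sample `netstat` output are constructed for illustration.

```shell
# Constructed sample of `netstat -tuln` output (Linux net-tools layout).
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:3000            0.0.0.0:*               LISTEN
tcp6       0      0 :::8080                 :::*                    LISTEN
tcp6       0      0 ::1:6379                :::*                    LISTEN
udp        0      0 0.0.0.0:68              0.0.0.0:*
EOF
}

# Reads `netstat -tuln` output on stdin and prints "proto local-address"
# for every socket bound to all interfaces (IPv4 0.0.0.0 or IPv6 ::).
wildcard_listeners() {
    awk '$1 ~ /^(tcp|udp)6?$/ {
        la = $4                              # Local Address column only
        port = la; sub(/.*:/, "", port)      # text after the last colon
        addr = substr(la, 1, length(la) - length(port) - 1)
        if (addr == "0.0.0.0" || addr == "::")
            print $1, la
    }'
}

# Returns 1 (and lists the sockets) when any wildcard listener is present,
# so the check can gate a deployment or a cron alert.
audit_listeners() {
    found=$(wildcard_listeners)
    [ -z "$found" ] && return 0
    printf '%s\n' "$found"
    return 1
}

# Demo on the constructed sample; the loopback binds (5432, 6379) are not listed.
sample_netstat | wildcard_listeners

# Live use (requires net-tools):  netstat -tuln | audit_listeners
```

A listed socket is bound to every interface; whether it is actually reachable from the internet still depends on the firewall rules in front of it.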