Hackers Expose Major Security Flaw in Rabbit R1 AI Device

Critical API keys left in codebase allow unauthorized access to user data and device control.

White hat hackers discovered hardcoded API keys in Rabbit R1's codebase, compromising user data.
The keys enable access to all R1 responses, including personal information, and can brick devices.
Researchers verified their access by sending emails from internal Rabbit addresses.
Rabbit has been aware of the breach for a month but took no action until recently.
Company claims no customer data was leaked, despite the significant security lapse.