Rabbit R1 jailbreakers uncover huge security flaws, including some that let internal data be viewed by literally anyone

These keys allow anyone to read every response every R1 has ever given, including ones containing personal information, brick all r1 devices, alter the responses of all devices, replace every R1’s voice, and more.

Revoking APIs

The hardcoded APIs were for ElevenLabs (for text-to-speech), Azure (for an old text-to-speech system), Yelp (for review lookups) and Google Maps (for location lookups).

Soon after being made aware of the mishap, the team behind Rabbit R1 revoked the four keys and said that there is no evidence of customer data being leaked, or company systems being compromised. One of the keys was revoked improperly, leading to a temporary outage in text-to-speech services. 

However, Rabbitude said it deliberately omitted finding a fifth hardcoded API, which allegedly “provides access to a complete history of emails sent on the r1.rabbit.tech subdomain.” This subdomain, the researchers claim, is primarily used for the R1’s spreadsheet-editing functions, which means it includes user information, too.

“It also allows us to send emails from rabbit.tech email addresses,” the researchers proclaimed. 

In a statement sent to Engadget, Rabbit said it was only made aware of an "alleged data breach" on June 25. 

"Our security team immediately began investigating it," the company continued. "As of right now, we are not aware of any customer data being leaked or any compromise to our systems. If we learn of any other relevant information, we will provide an update once we have more details." 

More from TechRadar Pro

• Tech bosses are desperate to make AI PCs happen — and spoiler alert, they probably will
• Here's a list of the best firewalls today
• These are the best endpoint protection tools right now