According to findings by the Rabbitude security team, existing keys for services like ElevenLabs, Azure, Google Maps, and Yelp could allow attackers to read and modify responses from any Rabbit R1 device. This flaw could lead to actions like changing the device’s volume or even rendering the devices unusable.
Despite being alerted to the issue on May 16, Rabbit delayed patching the vulnerability until June 26. However, concerns remain due to the long-term exposure of public API keys, increasing risks.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
