An effort led by security research lab CovertLabs is actively uncovering troves of (mostly) AI-related App Store apps that leak and expose user data, including names, emails, and chat history. Here are the details.
‘This is as bad as it gets’
As spotted by user @vxunderground on X, the Firehound project is scanning and indexing apps that expose and leak sensitive user data.
As @vxunderground explains it:
It’s the slopocalypse. OSINT nerd @Harrris0n has created “Firehound”. He (or others, I don’t know) have begun the daunting task of hunting AI slop in the Apple app store. They have identified (as of this writing) 198 iOS apps which leak information on users (in some capacity). Unsurprisingly, the top are all related to AI.
Of the 198 apps listed so far, 196 expose user data. App “Chat & Ask AI” leads Firehound’s “Most files exposed” and “Most records exposed” rankings, with more than 406 million records from over 18 million users exposed.
In addition to the listing on Firehound, @Harris0n also took to X to comment on his initial findings on “Chat & Ask AI”:
‼️ STOP USING THIS APP IMMEDIATELY
During a routine security scan I discovered a critical vulnerability in the "Chat & Ask AI" app that exposes the entire chat history of over 18 million users – that's 380 million messages, completely accessible to anyone who knows where to… pic.twitter.com/tfYF19B2u4 — harry (@Harrris0n) January 18, 2026
... continue reading