Crazy Security vulnerability with billion dollar AI startup Filevine thankfully they fixed it after this user shared the issue with them Be careful connecting your prod systems and file management to AI startups cybersecurity security privacy aitools artificialintelligence

reverse engineered a billion dollar legal AI tool and found over 100,000 confidential files with zero authentication for this person found a massive vulnerability in a startup called Filevine, which is worth $1 billion. They found a subdomain margolist.filevine.com basically got access to this company's box API because they had a maximum access, fully scoped admin token to their entire box file system, including all confidential files, logs and user information. Millions of the most sensitive documents, documents protected by court orders. This is a privacy nightmare.