MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
startup
Search

The Hottest New Vibe Coding Startup May Be a Sitting Duck For Hackers

Friday May 30, 2025. 08:15 PM , from Slashdot
The Hottest New Vibe Coding Startup May Be a Sitting Duck For Hackers
Lovable, a Swedish startup that allows users to create websites and apps through natural language prompts, failed to address a critical security vulnerability for months after being notified, according to a new report. A study by Replit employees found that 170 of 1,645 Lovable-created applications exposed sensitive user information including names, email addresses, financial data, and API keys that could allow hackers to run up charges on customers' accounts.

The vulnerability, published this week in the National Vulnerabilities Database, stems from misconfigured Supabase databases that Lovable's AI-generated code connects to for storing user data. Despite being alerted to the problem in March, Lovable initially dismissed concerns and only later implemented a limited security scan that checks whether database access controls are enabled but cannot determine if they are properly configured.

Read more of this story at Slashdot.
Read more at Slashdot
https://it.slashdot.org/story/25/05/30/1810246/the-hottest-new-vibe-coding-startup-may-be-a-sitting-...

Related News

startup Will 'Vibe Coding' Transform Programming? SlashdotJun 1
hackers ‘Undeniably New’ AI-Generated Interactive, Real-Time Video From Startup With Pixar Connection eWeekMay 30
vulnerability ‘Undeniably New’ AI-Generated Interactive, Real-Time Video From Startup With Pixar Connection eWeekMay 30
security Streaming: Duck's Breath Mystery Theatre's "STERLING" BoingBoingMay 27
user A Starter Guide to Protecting Your Data From Hackers and Corporations Wired: Tech.May 26
data Five rules for coding with Booleans InfoWorldMay 23
database SEC Sues Crypto Startup Unicoin and Its Executives For Fraud SlashdotMay 22
hottest OpenAI Acquires Jony Ive's Startup in $6.5 Billion Deal To Create AI Devices SlashdotMay 21
are Microsoft-backed no-code AI startup files for bankruptcy ComputerWorldMay 21
being GitHub unveils coding agent for GitHub Copilot InfoWorldMay 20
coding OpenAI launches Codex AI agent to tackle multi-step coding tasks InfoWorldMay 19
may ICE Barbie and Duck Dynasty jerk want immigrants to compete for basic human rights BoingBoingMay 18
lovable OpenAI Launches Codex, an AI Coding Agent, In ChatGPT SlashdotMay 16
duck Bring your ideas to life with this $28 all-in-one coding platform BoingBoingMay 16
sitting Visual Studio previews agent mode for multi-step coding tasks InfoWorldMay 16
startup OpenAI Launches an Agentic, Web-Based Coding Tool Wired: Tech.May 16
hackers The Hottest Topic at This Year’s Pornhub Awards? Censorship Wired: Tech.May 15
vulnerability Databricks to acquire open-source database startup Neon to build the next wave of AI agents InfoWorldMay 15
security 'Aggressive' Hackers of UK Retailers Are Now Targeting US Stores, Says Google SlashdotMay 15
user Marks and Spencer Confirms Hackers Stole Customers' Personal Data; Cyber Insurance Payout To Be Worth Up To $133 Million SlashdotMay 14
News copyright owned by their original publishers | Copyright © 2004 - 2025 Zicos / 440Network
Current Date
Jun, Sun 1 - 17:57 CEST