Researchers: 5,000+ web apps built using AI coding tools like Lovable, Base44, and Replit have little to no authentication, and ~40% exposed sensitive data
Companies like Lovable, Base44, Replit, and Netlify use AI to let anyone build a web app in seconds—and in thousands of cases …
A Replit employee details a critical security flaw in web apps created using AI-powered app builder Lovable that exposes API keys and personal info of app users
A vulnerability exists in deployed Lovable-generated projects due … Matt Palmer / Matt's Website : Statement on CVE-2025-48757 — On March 20th, 2025, we discovered a critical vulnerability … Jon Vic...
A Replit employee details a critical security flaw in web apps created using AI-powered app builder Lovable that exposes API keys and personal info of app users
THE SCOOP — Lovable, the popular vibe coding app that describes itself as the fastest-growing company in Europe …
CEO Anil Dash says Glitch will stop hosting projects and close user profiles on July 8; Glitch launched in March 2017, and Fastly acquired it in May 2022
stinks though, glitch is an awesome product, created an amazing community, and helped people learn to code. it'll be missed. … Fiona Hopkins / @fionawh.im : Sad times. I'm glad they're being respons...
Researchers say a Next.js flaw that existed for several years could have let hackers bypass middleware-based authentication; Vercel patched the flaw on March 18
Next.js version 15.2.3 has been released to address a security vulnerability (CVE-2025-29927). zhero_web_security : Next.js and the corrupt middleware: the authorizing artifact National Vulnerability ...
Chats, screenshots, and interviews: some people are pirating GPT-4 and offering free access after stealing OpenAI API tokens scraped from other people's code
Joseph Cox / VICE : Tweets: @fabianstelzer , @simonw , @alex , @josephfcox , @iethics , @josephfcox , and @josephfcox Tweets: Fabian Stelzer / @fabianstelzer : “pirating API tokens” - apt scene https...