惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
I
InfoQ
宝玉的分享
宝玉的分享
Blog — PlanetScale
Blog — PlanetScale
博客园 - 司徒正美
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
P
Privacy International News Feed
T
Threatpost
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
V
Vulnerabilities – Threatpost
NISL@THU
NISL@THU
aimingoo的专栏
aimingoo的专栏
S
Schneier on Security
C
Cisco Blogs
T
The Blog of Author Tim Ferriss
Simon Willison's Weblog
Simon Willison's Weblog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Jina AI
Jina AI
雷峰网
雷峰网
Know Your Adversary
Know Your Adversary
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
I
Intezer
博客园 - Franky
博客园 - 【当耐特】
Hugging Face - Blog
Hugging Face - Blog
The Hacker News
The Hacker News
K
Kaspersky official blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
T
Tailwind CSS Blog
Project Zero
Project Zero
T
Tor Project blog
B
Blog RSS Feed
Recorded Future
Recorded Future
Scott Helme
Scott Helme
美团技术团队
V
V2EX
V
Visual Studio Blog
L
Lohrmann on Cybersecurity
P
Proofpoint News Feed
D
DataBreaches.Net
The Register - Security
The Register - Security
M
MIT News - Artificial intelligence
L
LangChain Blog
Cisco Talos Blog
Cisco Talos Blog
博客园 - 三生石上(FineUI控件)
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
C
Cyber Attacks, Cyber Crime and Cyber Security
博客园_首页
P
Privacy & Cybersecurity Law Blog

Futurism

Meta’s AI Support Bot Is Giving Hackers Access to Other People’s Instagram Accounts Just by Asking Websites Are Spying on Your Solid State Drive The MyPillow Guy’s Entire Business is Being Held Hostage by Hackers Riot Games Denies Using Anti-Cheat Software That Bricks Hackers’ Computers The Trump Phone Appears to Have Already Leaked Its Customers’ Personal Information Through a Glaring Exploit College Kid Shuts Down High Speed Trains With a Laptop and a Radio Google Alarmed by Formidable AI-Powered Zero-Day Cyberattack Scammers Furious That Their Fellow Criminals Are Using AI, Saying It’s Unethical How to Get Rid of Reddit’s Giant App-Shilling Popup That Breaks Its Entire Mobile Site Ransomware Negotiator Pleads Guilty to Deploying Ransomware Himself Your Former Employer Is Selling Your Slacks and Emails to Train AI Madison Square Garden Reportedly Used Facial Recognition to Stalk Trans Woman For Two Years Top Security Experts Alarmed by Power of Anthropic’s New Hacker AI Companies Just Learned a Brutal Lesson About Training AI to Do Human Jobs Huge Group of Experts Warns Meta That Its Pervert Glasses Will Enable Terrible Crimes The Fact That Anthropic Has Been Boasting About How Much Its Development Now Relies on Claude Makes It Very Interesting That It Just Suffered a Catastrophic Leak of Its Source Code
Vibe Coded Apps Are Spilling Users’ Personal Information Directly Into the Maw of Greedy Hackers
Jon Christia · 2026-05-10 · via Futurism

Two men dressed as burglars wearing black masks and black clothing, each carrying a large sack over their shoulder. The image has a stylized, high-contrast effect with a greenish tint.

Illustration by Tag Hartman-Simkins / Futurism. Source: Getty Images

Sign up to see the future, today

Can’t-miss innovations from the bleeding edge of science and tech

Artificial intelligence has torn through many industries since the debut of ChatGPT in 2022, but there’s probably no single area where it’s had a clearer material impact than software development.

Programmers running the gamut from experienced to novice have embraced the tech, using chatbots and specialty tools to quickly generate code from natural language prompts. “Vibe coding,” as it’s come to be known, lets almost anyone churn out entire apps in little time — even if they have little or no technical chops.

On a certain level, you have to admit that’s pretty cool. But as we’re learning time and again, it also has distinct downsides.

One particularly glaring drawback is that a lot of vibe-coded software is now being deployed with gaping security flaws. In the latest sign that we may be veering into an AI-enabled hack-pocalypse, a fascinating new Wired story covers research by a cybersecurity firm called RedAccess that found sprawling privacy issues in vibe-coded apps.

The firm examined thousands of web apps created with the vibe coding platforms Lovable, Replit, Base44, and Netlify. What it found was, to put it lightly, not good: 5,000 of them had “virtually no security or authentication of any kind,” and a full 40 percent exposed users’ sensitive data, from medical and financial info to corporate documents and logs of ostensibly private chatbot conversations.

“The end result is that organizations are actually leaking private data through vibe-coding applications,” RedAccess cofounder Dor Zvi told Wired. “This is one of the biggest events ever where people are exposing corporate or other sensitive information to anyone in the world.”

The vibe coding platforms’ response to the embarrassing revelations left something to be desired. Netlify ignored it completely, while the other platforms basically deflected blame onto users, saying they should have better secured their work before putting it out into the world.

“We’re treating this as an ongoing matter,” a Lovable spokesperson told Wired. “It’s also worth noting that Lovable gives builders the tools to build securely, but how an app is configured is ultimately the creator’s responsibility.”

On a certain level they’re right, but these are also the companies claiming that creating software is now as simple as describing it to an AI bot. The reality is that AI remains extremely imperfect, so the resulting code is going have issues that only an experienced human developer or security expert would be able to identify — and these apps, fundamentally, are in the market of putting those people out of business.

“Anyone from your company at any moment can generate an app, and this is not going through any development cycle or any security check,” Zvi told Wired. “People can just start using it in production without asking anyone. And they do.”

More on vibe coding: Entirely Vibe-Coded Operating System Is a Bug-Filled Disaster