
The Hottest New Vibe Coding Startup May Be a Sitting Duck For Hackers



Lovable, a Swedish startup that allows users to create websites and apps through natural language prompts, failed to address a critical security vulnerability for months after being notified, according to a new report. A study by Replit employees found that 170 of 1,645 Lovable-created applications exposed sensitive user information including names, email addresses, financial data, and API keys that could allow hackers to run up charges on customers' accounts.

The vulnerability, published this week in the National Vulnerability Database, stems from misconfigured Supabase databases that Lovable's AI-generated code connects to for storing user data. Despite being alerted to the problem in March, Lovable initially dismissed concerns and only later implemented a limited security scan that checks whether database access controls are enabled but cannot determine if they are properly configured.
