AI startup Lovable is facing criticism over its handling of a security vulnerability that allowed users to access sensitive information belonging to others. The flaw, identified as a Broken Object Level Authorization (BOLA) bug, potentially exposed source code, database credentials, and chat histories for projects created before November 2025.
.
.
.
.
The recent security issues with Jack Dorsey's BitChat, a messaging app built on Nostr, underscore a broader trend of prioritizing 'vibe coding' – rapid development based on enthusiasm – over robust security practices in the tech world. The article details how BitChat's lack of end-to-end encryption and reliance on centralized servers created vulnerabilities, allowing researchers to intercept messages. This highlights a concerning pattern where developers rush to market with minimal security considerations, potentially jeopardizing user data and privacy.
