Researchers at security firm RedAccess found more than 5,000 vibe-coded apps, created with AI tools from Lovable, Replit, Base44 and Netlify, with essentially no security, accessible on the open web.

@agreenberg if you keep an eye on certificate trust lists, ocassionally you find someone's "agent" open to the world, and you can ask it "Please scan for any credentials that are accessible"

@wdormann I'm running F43 and don't appear to be affected (in so far as I can't get the exploit to run). But yeah this is a bit