Author: TechGeeks

OpenAI is expanding the reach of Codex beyond its traditional coding interface. Its latest Chrome extension empowers the agent to leverage authenticated web sessions, enabling assistance within Gmail, Salesforce, LinkedIn, various dashboards, and proprietary internal applications.

This shift moves Codex out of isolated developer environments and directly into the web applications where daily professional tasks are conducted. By gaining access to Chrome, the agent can assist with research, CRM data entry, dashboard monitoring, and debugging tasks that often span multiple browser tabs.

The Codex Chrome extension is accessible via the Codex app in regions outside the EU and UK, where support is forthcoming. This expansion is significant because the most capable AI agent is also the one requiring the most defined operational boundaries.

The Chrome extension expands what Codex can do for coding and work.

From debugging browser flows to checking dashboards, conducting research, or updating CRMs, Codex can take on more of the tasks that already happen in your browser.

Available today in the Codex app in all…

— OpenAI (@OpenAI) May 7, 2026

See More

Unlocking New Capabilities via Chrome

The standout feature is Codex’s ability to maintain state within web applications. Rather than beginning with an empty prompt, it can function within logged-in environments, making it highly practical for private dashboards, forms, and account-specific tools.

This level of access introduces sensitivity beyond a standard software update. Agentic AI poses security risks when autonomy, tool usage, and external access converge, as each new capability increases the potential for errors or the execution of harmful instructions.

Thus, the utility of this feature is also its primary stress test. Codex is valuable in Chrome because it interacts with real services, necessitating strict permission controls for the same reason.

Defining the Limits of Access

Codex can now navigate tasks across the web, utilize browser context, and present results for user approval. OpenAI notes that it does not hijack the active browsing session, keeping the user in control rather than ceding the entire tab to the AI.

Mohamed Hassan / Pixabay

The danger lies in the scope of that autonomy. A system capable of reading dashboards, completing forms, or interacting with internal tools requires more rigorous review protocols than a chatbot answering queries in a separate window.

The Value of Caution

The upcoming challenge for OpenAI is to ensure Codex’s browser interactions feel controlled rather than just impressive. Site approvals, permission configurations, and review processes will determine whether the extension serves as a genuine productivity enhancement or an overreaching shortcut.

For early adopters, the prudent approach is to begin with limited scope. Grant Codex access only to the few sites where the benefits are clear, avoid sensitive accounts until the workflow is proven, and review its actions before allowing the agent to handle high-stakes tasks.

OpenAI is giving Codex a larger stage than the coding window. Its new Chrome extension lets the agent use an authenticated web session, so it can help with work that already lives inside Gmail, Salesforce, LinkedIn, dashboards, and internal apps.

That pushes Codex out of the developer sandbox and into the web apps where daily work already happens. With Chrome access, it can step into research, CRM updates, dashboard checks, and browser-based debugging, which is where plenty of work gets stuck across tabs.

The Codex Chrome extension is available through the Codex app in all regions except the EU and UK, where support is still coming. The rollout matters because the most useful version of an AI agent is also the one that needs the clearest boundaries.

The Chrome extension expands what Codex can do for coding and work.

From debugging browser flows to checking dashboards, conducting research, or updating CRMs, Codex can take on more of the tasks that already happen in your browser.

Available today in the Codex app in all…

— OpenAI (@OpenAI) May 7, 2026

See More

What Chrome access unlocks

The impressive part is the state Codex can carry into web apps. Instead of starting from a blank prompt, it can operate where someone is already logged in, which makes it more practical for private dashboards, forms, and account-based tools.

That access also makes this more sensitive than a routine product update. Agentic AI raises security concerns when autonomy, tool use, and external access come together, because each added capability gives the system more room to make a bad call or follow a bad instruction.

So the clever trick is also the stress test. Codex in Chrome is useful because it can reach real services. It needs narrow permissions for the same reason.

How much access is too much?

Codex can now follow a task through the web, use browser context, and return results for review. OpenAI says it doesn’t take over the active browsing session, which keeps the user closer to the work rather than handing over the whole tab.

Mohamed Hassan / Pixabay

The risk comes from what that autonomy can touch. A system that can read a dashboard, fill out a form, or interact with an internal tool needs stronger review habits than a chatbot answering questions in a separate window.

Where caution pays off

The next test is whether OpenAI can make Codex’s browser work feel controlled rather than merely impressive. Site approvals, permission settings, and review steps will decide whether the extension feels like a productivity boost or a shortcut with too much reach.

For early users, the practical move is to start small. Give Codex access to the few sites where the benefit is obvious, avoid sensitive accounts until the workflow proves itself, and review what it does before letting the agent handle higher-stakes work.

If the endless cycle of swiping left and right has left you drained, Bumble now shares your frustration.

Speaking with Axios, CEO Whitney Wolfe Herd announced that the app is eliminating the swipe mechanism altogether, substituting it with an innovation she describes as “revolutionary for the category.” While the specifics remain under wraps, the rollout will begin in select regions starting in the fourth quarter of 2026.

Alongside the removal of the swipe, Bumble is also abandoning its signature “women message first” rule, which previously obligated women to initiate contact within 24 hours of a heterosexual match. Wolfe Herd clarified that no gender will be compelled to start the conversation, though the core ethos of its women-focused design will persist in some capacity.

What is Bumble’s actual strategy?

Bumble / Instagram

The most probable direction is an AI-centric matchmaking system. Bumble has been laying the groundwork for this for some time. Earlier this year, the firm unveiled Bee, an AI companion meant to interview fresh users, propose suitable matches, offer date suggestions, and collect feedback to refine future pairings.

Bee also drives a fresh feature known as Dates, and Wolfe Herd has alluded to “chapter-based” profiles where users bond over various segments of a person’s life narrative instead of just one photo.

Why is Bumble executing such a significant pivot?

Bumble

Financial figures explain the rationale behind this shift. During the first quarter of this year, Bumble’s paying subscriber base shrank by approximately 21% to 3.2 million, down from 4 million in the previous year. Additionally, its share price has plummeted over 90% since its 2021 public offering.

The wider dating application sector is grappling with what is now termed swipe exhaustion, and the increasing perception that these platforms function more like games than authentic avenues for meeting people does not assist the situation.

How does this stack up against Tinder and Hinge?

Rachit Agarwal / Techgeeks

Bumble is not alone in feeling the strain. Tinder, the leading dating application worldwide, has introduced face-to-face singles gatherings and online speed dating meetings to alleviate swipe burnout.

The platform has also integrated AI-enhanced security tools such as advanced message filtering, and even teamed up with Sam Altman’s biometric firm World to allow users to confirm their humanity by looking into a sphere.

Tinder is also piloting Chemistry, an AI matcher that examines your photo gallery to understand your personality and highlight more compatible profiles.

Cottonbro Studio / Pexels

Hinge, which never relied on swipes and instead prompts users to engage with a photo or respond to a prompt before matching. This method has made it the financial standout in the dating sector, a fact likely noted by its rivals.

The dating application era established by Tinder and Bumble is long overdue for a refresh. Whether the next phase genuinely aids users in forging real connections, or simply provides a more sophisticated method for being ghosted, remains to be seen.

Sony’s Xperia devices have never been dull, yet they often felt overly cautious. The recent Xperia 1 VIII leak shifts that perception, with authentic-looking renders revealing Sony’s upcoming flagship in vibrant tones that demand attention.

In the competitive premium Android segment, visual impact is critical. While the device still requires top-tier flagship features, a bolder aesthetic could help it stand out from the crowd.

According to Sumaho Digest, the leaked visuals feature the Xperia 1 VIII in Graphite Black, Iolite Silver, Garnet Red, and Native Gold.

However, concerns remain. The same leak hints at a potential price increase and a camera modification that might disappoint dedicated Xperia users, particularly if Sony abandons its signature continuous optical zoom.

Is Sony Shedding Its Reserved Persona?

The leak is notable because the physical design remains largely familiar. It retains the distinctive tall, rectangular silhouette that has characterized the Xperia series for years.

AI-enhanced leaks Techgeeks

The real transformation lies in the color strategy. Graphite Black remains a safe choice, Iolite Silver maintains a sleek appearance, and Native Gold introduces warmth. However, Garnet Red injects a distinct personality into the range.

Sony has historically relied on photographic prowess and creator-focused tools to attract enthusiasts. This bolder color selection implies an acknowledgment that visual appeal matters just as much as technical specs.

Will the Camera Compromise Its Signature Feature?

The potential drawback involves the zoom mechanism. Reports indicate Sony might replace the continuous optical zoom found in recent flagships with fixed focal length telephoto lenses.

This would mark a significant shift, as zoom versatility has been a key selling point for Xperia fans. Even casual observers recognized the value of this capability.

Sony / Sony

Fixed zoom lenses do not inherently mean inferior photography, as many successful devices utilize this approach. However, if the Xperia 1 VIII also carries a higher price tag, Sony must demonstrate compelling reasons why its camera system remains exceptional.

Can Sony Justify the Premium?

The Xperia 1 VIII is expected to debut in Hong Kong on May 20, with leaks suggesting a price hike compared to the Xperia 1 VII. This combination of bold styling and increased cost creates both excitement and uncertainty.

An updated aesthetic is appealing, but justifying a higher price for a device with a less unique zoom system requires substantial improvements in image processing, battery efficiency, performance, or display technology.

Currently, the leaked color options are working in the device’s favor, reducing its predictability. The true test will be whether the final product matches the confidence shown in these early renders.

A humanoid automaton has taken part in a Buddhist ritual in Seoul, creating a remarkable spectacle. Unveiled at Jogyesa Temple in the heart of Seoul during a prelude to Buddha’s Birthday festivities, the 1.3-meter-tall machine was bestowed the Dharma name “Gabi” through a special refuge ceremony led by the Jogye Order of Korean Buddhism, the nation’s foremost Buddhist organization.

The Rationale Behind a Mechanical Monk in a Sacred Space

AP News

This is no mere prop tucked away in a technology showcase. Clad in traditional Buddhist attire, the automaton bowed, prayed, and engaged in the ritual alongside human clergy. AP notes that Gabi will serve as an honorary monk throughout the Buddha’s Birthday celebrations.

The Jogye Order views this initiative as part of a wider strategy to bridge Buddhism with South Korea’s younger demographics. With the nation’s Buddhist following shrinking, the order has explored contemporary outreach tactics, leveraging digital platforms and cultural programs aimed at youth.

Gabi’s appearance at Jogyesa follows an earlier public showcase at Bongeunsa Temple in Seoul’s Gangnam District. In March, Buddhistdoor reported that the automaton was welcoming attendees and even detailing Buddhist customs like the 108 prostrations, responding to inquiries in both Korean and English.

Where Spiritual Practice Meets Automation

The Guardian

This isn’t the first instance of technology intersecting with spirituality. Japan has previously experimented with robotic preachers, such as Mindar, an android linked to Kyoto’s Kōdai-ji temple that delivers Buddhist sermons. However, the current context differs significantly, as these developments emerge during a widespread AI surge, where society is increasingly accustomed to seeking counsel from machines, finding companionship, and receiving emotional support.

Thus, the core inquiry extends beyond how lifelike the machine appears. Can a device effectively elucidate religious doctrines? Is it appropriate for it to provide spiritual direction? And where should human clergy delineate the boundary between employing technology as a resource and allowing it to represent a tradition?

Currently, Gabi serves more as a symbolic gesture than a revolutionary shift. It is not displacing monks, nor is it abruptly transforming Buddhism into a robot-centric faith.

Smart glasses have long carried an obvious privacy concern, and a recent BBC investigation has just illustrated why. A woman known as Alice was approached by a man in a London shopping center while he wore smart glasses. She assumed it was a routine encounter and remained unaware she was being filmed. The resulting clip was subsequently posted online and garnered approximately 40,000 views.

How the Situation Deteriorated

Techgeeks

While it is common for content creators to film unsuspecting people in public—often without malicious intent—this particular incident took a sinister turn once Alice discovered the video online. After reaching out to the uploader, she expressed her humiliation and requested the clip be taken down. According to her account, the man responded via email, suggesting that removal would cost money. Alice described the incident as a severe privacy violation that left her feeling vulnerable and exploited.

Meta

The individual, who allegedly manages several accounts on TikTok and Instagram, has kept his identity private. He told the BBC that his videos are intended to capture “light-hearted, respectful interactions” and claimed the mention of payment was a misunderstanding regarding editing fees. Alice, however, maintains she only asked for the video to be deleted.

The Legal Gap in Wearable Privacy

Techgeeks

This case underscores the significant disconnect between wearable camera advancements and existing privacy safeguards. Legal professionals cited in the report noted that while the scenario might not meet the legal threshold for blackmail, demanding payment to remove footage can still constitute a threat. The situation is particularly alarming because smart glasses do not resemble a phone held up to someone’s face, and many contemporary models capture footage from the wearer’s perspective, making it easier to record public interactions without the obvious visual cue that recording is taking place.

Meta

Smart glasses themselves are not the root cause. Rather, it is the surrounding ecosystem—where creators pursue viral engagement, platforms amplify humiliating clips, and victims struggle to have their content removed—that creates a troubling landscape.

Google’s Android ecosystem chief has put an end to rumors that Android might copy Apple’s Liquid Glass visual style, at least for Pixel handsets. Reacting to a fake Liquid Glass design for a Pixel 11 shared on X, Sameer Samat replied, “Not happening. Y’all are wild.” This clarification brings relief to Android enthusiasts who have seen numerous brands replicate Apple’s look in recent months.

Many Android Makers Have Already Followed Suit

Since Apple revealed Liquid Glass at WWDC last June, multiple Android brands have duplicated the style in their custom interfaces. OnePlus, Vivo, Oppo, Honor, and Xiaomi have all released UI updates that adopt the translucent, frosted-glass appearance Apple introduced. This trend has become so common that it has sparked concerns about Android’s unique visual identity.

Pranob Mehrotra / Techgeeks

Google, at least for its own Pixel line, is resisting the pull.

Material 3 Expressive Already Stands Out

Google unveiled its own refreshed design system, Material 3 Expressive, at I/O 2025, introducing bolder colors, more dynamic motion, and fluid shape transitions across the system UI, notifications, and core apps. It gives Pixel devices a distinctive personality.

Not happening! Y’all are wild. 😂

Not happening! Y’all are wild. 😂

— Sameer Samat (@ssamat) May 5, 2026

See More

— Sameer Samat (@ssamat) May 5, 2026

See More

Material 3 Expressive already gives Google a design story it can stand behind without borrowing from a competitor, and Samat’s response signals the company intends to stick to it. For those who use Pixel phones, the comment amounts to a guarantee that Android’s design language will stay its own.

Liquid Glass may spread further across third-party Android skins, but Google’s own devices will ship with a design system built on its own terms. Whether other Android manufacturers follow Google’s lead remains to be seen.

AI-powered coding assistants have drastically simplified the process of creating web applications, reducing setup time to mere minutes. This accessibility has democratized app development but has also introduced a fresh wave of challenges. What occurs when these AI-generated applications are deployed without proper security measures? The result is often sensitive information being inadvertently exposed across the internet.

A report by WIRED sheds light on a critical security flaw associated with “vibe-coded” applications, which are developed using AI platforms like Lovable, Replit, Base44, and Netlify.

Why This Security Gap Is More Serious Than It Appears

Security expert Dor Zvi and his team at RedAccess examined thousands of these applications and identified over 5,000 that lacked basic security protocols or authentication mechanisms. Many of these apps could be accessed by anyone who stumbled upon the correct URL. Some had only rudimentary barriers, permitting entry with any email address. According to Zvi, nearly half of these exposed applications contained sensitive data, including medical records, financial documents, corporate presentations, strategic plans, and customer service chat logs.

Lee Campbell / Unsplash

The investigation reportedly also uncovered hospital work assignments containing personally identifiable information, advertising purchase data, market presentation strategies, sales figures, and even customer conversations including names and contact details. Several of these applications remain online, although WIRED could not confirm if all the data reviewed was authentic or sensitive.

How Vibe Coding Has Become a Risk in IT

This issue extends beyond a single instance of poorly secured AI apps. These tools enable individuals without software engineering or security expertise to build and deploy applications rapidly, often bypassing standard IT approval workflows. Consequently, a marketing team member, operations staff, or founder can create an internal tool, link it to live data, and inadvertently expose it to the public internet.

Zvi likened this situation to the previous wave of exposed Amazon S3 buckets, where misconfigurations caused companies to leak sensitive data on a massive scale. Security researcher Joel Margolis told WIRED that AI coding tools only execute what they are instructed to do. Therefore, if a user does not explicitly request security features, the resulting app may lack them by default.

wavebreakmedia/Shutterstock

Responses from the Companies Involved

Replit CEO Amjad Masad wrote on X that some users had published applications on the open web that were intended to be private, noting that public apps being accessible online is expected behavior. Meanwhile, Lovable stated that it takes exposed data and phishing reports seriously and is currently investigating. Base44’s parent company, Wix, asserted that its platform offers security and visibility controls, arguing that public access reflects user configuration choices rather than a platform vulnerability.

This serves as a reality check for anyone treating vibe coding like a fast track to startup success. AI-generated apps can move quickly, but that speed comes with real trade-offs. From weak oversight to hidden vulnerabilities, AI-built apps can become a serious problem once a product is in users’ hands.

AI coding tools have made it ridiculously easy to build a web app, and it only takes a few minutes to set up now. This ease has lowered the barrier to app development, which is causing a new set of issues. So what happens when these AI-made apps go live without anyone checking the locks? You get secrets spilling out all over the internet.

A WIRED report highlights a major security problem around so-called “vibe-coded” apps, which are built using AI development platforms such as Lovable, Replit, Base44, and Netlify.

Why this is a bigger issue than you think

Security researcher Dor Zvi and his team at RedAccess analyzed thousands of these apps and found more than 5,000 that had little to no security or authentication. Most of these apps could practically be accessed by anyone who found the ‘right’ URL. A few of these had only minimal barriers, allowing visitors to sign in with any email address. Nearly half of these exposed apps appeared to contain sensitive data like medical information, financial records, corporate presentations, strategy documents, and customer chatbot logs, said Zvi.

Lee Campbell / Unsplash

The investigation reportedly also revealed hospital work assignments with personally identifiable information, ad purchasing data, market presentation strategies, sales information, and even customer conversations with their names and contact details. Several of these apps were still online, although WIRED couldn’t verify whether all the data it reviewed was real or sensitive.

How vibe coding has become dangerous in IT

This story isn’t just limited to one batch of sloppy AI apps. These tools allow people who may not have software engineering or security experience to build and publish apps quickly, which are often outside normal IT approval processes. So a member of the marketing team, operations worker, or founder can create a tool for internal use, connect it to real data, and accidentally leave it open to the web.

Zvi compared it to the old wave of exposed Amazon S3 buckets, where misconfigurations led companies to leak sensitive data at a massive scale. Security researcher Joel Margolis told WIRED that AI coding tools only do what’s asked of them. So if a user does not ask for security explicitly, the app may not be secure by default.

wavebreakmedia/Shutterstock

What did the companies say?

Replit CEO Amjad Masad wrote on X that some users had published apps on the open web that should have been private, adding that public apps being accessible online is expected behavior. Meanwhile, Lovable said it takes exposed data and phishing reports seriously and is investigating. Base44 parent company Wix stated that its platform provides security and visibility controls, arguing that public access reflects user configuration choices rather than a platform vulnerability.

This is a reality check for anyone treating vibe coding like a fast track to startup success. AI-generated apps can move quickly, but that speed comes with real trade-offs. From weak oversight to hidden vulnerabilities, AI-built apps can become a serious problem once a product is in users’ hands.

Google has taken its most significant step yet into the wearable fitness market. The company behind the Pixel Watch has launched the Fitbit Air, a display-free health band available for $99.99. While Whoop requires a paid subscription to access fitness metrics, the Fitbit Air provides essential health tracking capabilities at no additional cost.

Now available for pre-order, the device will begin shipping in 21 countries on May 26, 2026. Buyers can select from four Pixel-inspired finishes—Obsidian, Lavender, Fog, and Berry—and choose between three band options: Performance Loop, Active Band, and Elevated Modern Band.

Google

What health metrics does the Fitbit Air monitor?

Weighing only 12 grams with the strap (5 grams without), the Fitbit Air includes a comprehensive set of sensors designed for dedicated fitness enthusiasts.

The band delivers continuous heart rate monitoring with AFib irregular rhythm alerts, heart rate variability (HRV), blood oxygen levels (SpO2), skin temperature readings, and standard step and calorie counts. It also tracks sleep phases and duration, plus automatically recognizes physical activities.

The absence of a screen is a deliberate design choice. This approach keeps your wrist uncluttered during workouts while the device quietly gathers data in the background, syncing it to your smartphone via Bluetooth.

With water resistance up to 50 meters, the tracker is suitable for swimming. A full charge takes approximately 90 minutes using the magnetic charger and provides up to seven days of battery life.

Fitbit Air Stephen Curry limited edition is worth $129.99 Google

How does the Fitbit Air stack up against Whoop?

Unlike Whoop, the Fitbit Air delivers essential tracking capabilities without requiring a subscription fee.

Notably, buyers receive a complimentary three-month trial of the Health Premium subscription with their Fitbit Air purchase. Google has also verified compatibility with both Android and iOS platforms. For the first time, users can link both a Pixel Watch 4 and a Fitbit Air to a single Google Health account.

The Fitbit Air represents Google’s most targeted effort to capture Whoop’s large user base. By offering core health features at no cost and pricing the Health Premium membership below Whoop’s annual fee, Google aims to attract fitness-focused consumers to the Fitbit Air.