Category: Technologies

  • Google Unveils Gemini-Powered AI Health Coach: Everything You Need to Know

    Google Unveils Gemini-Powered AI Health Coach: Everything You Need to Know

    Google has officially stepped into the AI health coaching arena, a move that has been anticipated for some time. The tech giant has introduced the Google Health Coach, a Gemini-driven wellness companion integrated into the newly rebranded Google Health app. This assistant monitors your exercise routines, evaluates your sleep patterns, processes your medical documentation, and adapts to your lifestyle in real-time. Essentially, it offers the expertise of a personal trainer, sleep specialist, and nutritionist around the clock for a monthly fee of $9.99. Below is a comprehensive overview of Google’s strategy to become your primary health companion.

    A Familiar Coach, Rebranded

    The Google Health Coach wasn’t introduced without prior development. It has been in development for some time, previously known under a different title. Google initially showcased it during its August 2025 Made by Google event, with a public beta launch scheduled for October. This promise was fulfilled for Fitbit Premium users on Android, with an iOS version arriving subsequently.

    Previously, this feature operated within the Fitbit app under the name Fitbit AI Coach. With the recent announcement, the Fitbit app has been rebranded as Google Health, and the coach has received a matching new name. The preview phase allowed Google to collect user feedback and refine the tool before committing to a worldwide launch, which is now imminent.

    Launch Timeline

    Google Health Coach will officially launch alongside the rebranded Google Health app on May 19. The release will be phased, with full availability expected by May 26, coinciding with the market debut of the new Fitbit Air.

    Initially, the coach will be restricted to Fitbit and Pixel Watch devices, though support for additional hardware will be added later. Non-compatible device owners can still download the Google Health app and register to be notified when their device becomes supported.

    Core Capabilities

    Designed to act as a personal health assistant, the coach begins with an onboarding conversation to understand your profile. It asks about your objectives, daily habits, available equipment, injuries, and other lifestyle factors to tailor its advice. Since circumstances change, you can update this information anytime, allowing the coach to adjust its recommendations dynamically.


    By combining this contextual data with your fitness, sleep, nutrition, cycle tracking, local weather, and optional medical records, the coach provides relevant guidance. Daily insights and prompts appear in the redesigned Today tab of the Google Health app. For specific queries, the “Ask Coach” feature provides on-demand assistance.

    The coach supports logging meals, workouts, and health data via voice, photos, or documents. Users can photograph a gym whiteboard to record a session or take a picture of a meal for nutritional analysis. In the US, users can also sync medical records and query the coach about test results, medications, and past visits.

    The coach also influences the broader Google Health app experience. The Fitness tab provides a weekly plan aligned with your goals, suggesting workouts based on your readiness and recovery. Users can create custom routines using natural language, receiving step-by-step guidance throughout.

    The Sleep tab expands on basic hour tracking by analyzing long-term consistency and identifying areas for improvement. The Health tab offers a quick overview of key metrics and allows users to request summaries of their medical records in plain language.

    Cycle tracking, nutrition, and mental wellbeing modules have been rebuilt from the ground up, with the coach linking insights across all three to refine workout and recovery suggestions. For instance, if your menstrual cycle impacts your energy or sleep, the coach will factor that into your weekly plan.

    Grounded in Expertise

    Google emphasizes the coach’s strong foundation, stating its advice is driven by Gemini and informed by “novel health research and established wellness principles.” The company collaborated with a Consumer Health Advisory Panel of medical professionals and clinicians, along with its own clinical and sports science teams, to ensure recommendations are evidence-based.

    NBA star Stephen Curry and his performance team also contributed, working with Google Health to refine the coach’s approach to goal setting and recovery.

    Regarding privacy, Google reaffirms its pledge made upon acquiring Fitbit: health and wellness data will not be used for Google Ads. This commitment extends to the Google Health app and will remain in effect.

    Pricing and Availability

    Google Health Coach is included with a Google Health Premium subscription, the rebranded Fitbit Premium. Pricing remains unchanged at $9.99 monthly or $99 annually. Existing Fitbit Premium subscribers will experience no changes to their accounts.

    Users on Google AI Pro or Ultra plans receive Google Health Premium at no additional cost, enhancing the value for health-conscious individuals. The new Fitbit Air also includes three months of Google Health Premium, allowing new device owners to test the full features before subscribing.

    Google Health Coach launches on May 19. With Apple recently abandoning its own health coaching initiatives, Google has a chance to establish early dominance in this market. The real test will be how the coach performs in daily use, making the coming months an interesting period to watch.

  • OpenAI’s Codex Now Operates Within Chrome, Where Productivity Meets Potential Hazards

    OpenAI’s Codex Now Operates Within Chrome, Where Productivity Meets Potential Hazards

    OpenAI is expanding the reach of Codex beyond its traditional coding interface. Its latest Chrome extension empowers the agent to leverage authenticated web sessions, enabling assistance within Gmail, Salesforce, LinkedIn, various dashboards, and proprietary internal applications.

    This shift moves Codex out of isolated developer environments and directly into the web applications where daily professional tasks are conducted. By gaining access to Chrome, the agent can assist with research, CRM data entry, dashboard monitoring, and debugging tasks that often span multiple browser tabs.

    The Codex Chrome extension is accessible via the Codex app in regions outside the EU and UK, where support is forthcoming. This expansion is significant because the most capable AI agent is also the one requiring the most defined operational boundaries.

    The Chrome extension expands what Codex can do for coding and work.

    From debugging browser flows to checking dashboards, conducting research, or updating CRMs, Codex can take on more of the tasks that already happen in your browser.

    Available today in the Codex app in all…

    — OpenAI (@OpenAI) May 7, 2026

    See More

    Unlocking New Capabilities via Chrome

    The standout feature is Codex’s ability to maintain state within web applications. Rather than beginning with an empty prompt, it can function within logged-in environments, making it highly practical for private dashboards, forms, and account-specific tools.

    This level of access introduces sensitivity beyond a standard software update. Agentic AI poses security risks when autonomy, tool usage, and external access converge, as each new capability increases the potential for errors or the execution of harmful instructions.

    Thus, the utility of this feature is also its primary stress test. Codex is valuable in Chrome because it interacts with real services, necessitating strict permission controls for the same reason.

    Defining the Limits of Access

    Codex can now navigate tasks across the web, utilize browser context, and present results for user approval. OpenAI notes that it does not hijack the active browsing session, keeping the user in control rather than ceding the entire tab to the AI.

    The danger lies in the scope of that autonomy. A system capable of reading dashboards, completing forms, or interacting with internal tools requires more rigorous review protocols than a chatbot answering queries in a separate window.

    The Value of Caution

    The upcoming challenge for OpenAI is to ensure Codex’s browser interactions feel controlled rather than just impressive. Site approvals, permission configurations, and review processes will determine whether the extension serves as a genuine productivity enhancement or an overreaching shortcut.

    For early adopters, the prudent approach is to begin with limited scope. Grant Codex access only to the few sites where the benefits are clear, avoid sensitive accounts until the workflow is proven, and review its actions before allowing the agent to handle high-stakes tasks.

  • OpenAI’s Codex Extension Now Available in Chrome: Expanding Capabilities and Risks

    OpenAI’s Codex Extension Now Available in Chrome: Expanding Capabilities and Risks

    OpenAI is giving Codex a larger stage than the coding window. Its new Chrome extension lets the agent use an authenticated web session, so it can help with work that already lives inside Gmail, Salesforce, LinkedIn, dashboards, and internal apps.

    That pushes Codex out of the developer sandbox and into the web apps where daily work already happens. With Chrome access, it can step into research, CRM updates, dashboard checks, and browser-based debugging, which is where plenty of work gets stuck across tabs.

    The Codex Chrome extension is available through the Codex app in all regions except the EU and UK, where support is still coming. The rollout matters because the most useful version of an AI agent is also the one that needs the clearest boundaries.

    The Chrome extension expands what Codex can do for coding and work.

    From debugging browser flows to checking dashboards, conducting research, or updating CRMs, Codex can take on more of the tasks that already happen in your browser.

    Available today in the Codex app in all…

    — OpenAI (@OpenAI) May 7, 2026

    See More

    What Chrome access unlocks

    The impressive part is the state Codex can carry into web apps. Instead of starting from a blank prompt, it can operate where someone is already logged in, which makes it more practical for private dashboards, forms, and account-based tools.

    That access also makes this more sensitive than a routine product update. Agentic AI raises security concerns when autonomy, tool use, and external access come together, because each added capability gives the system more room to make a bad call or follow a bad instruction.

    So the clever trick is also the stress test. Codex in Chrome is useful because it can reach real services. It needs narrow permissions for the same reason.

    How much access is too much?

    Codex can now follow a task through the web, use browser context, and return results for review. OpenAI says it doesn’t take over the active browsing session, which keeps the user closer to the work rather than handing over the whole tab.

    The risk comes from what that autonomy can touch. A system that can read a dashboard, fill out a form, or interact with an internal tool needs stronger review habits than a chatbot answering questions in a separate window.

    Where caution pays off

    The next test is whether OpenAI can make Codex’s browser work feel controlled rather than merely impressive. Site approvals, permission settings, and review steps will decide whether the extension feels like a productivity boost or a shortcut with too much reach.

    For early users, the practical move is to start small. Give Codex access to the few sites where the benefit is obvious, avoid sensitive accounts until the workflow proves itself, and review what it does before letting the agent handle higher-stakes work.

  • Techgeeks: Bumble is Phasing Out Swipes to Combat Dating App Burnout

    Techgeeks: Bumble is Phasing Out Swipes to Combat Dating App Burnout

    If the endless cycle of swiping left and right has left you drained, Bumble now shares your frustration.

    Speaking with Axios, CEO Whitney Wolfe Herd announced that the app is eliminating the swipe mechanism altogether, substituting it with an innovation she describes as “revolutionary for the category.” While the specifics remain under wraps, the rollout will begin in select regions starting in the fourth quarter of 2026.

    Alongside the removal of the swipe, Bumble is also abandoning its signature “women message first” rule, which previously obligated women to initiate contact within 24 hours of a heterosexual match. Wolfe Herd clarified that no gender will be compelled to start the conversation, though the core ethos of its women-focused design will persist in some capacity.

    What is Bumble’s actual strategy?

    The most probable direction is an AI-centric matchmaking system. Bumble has been laying the groundwork for this for some time. Earlier this year, the firm unveiled Bee, an AI companion meant to interview fresh users, propose suitable matches, offer date suggestions, and collect feedback to refine future pairings.

    Bee also drives a fresh feature known as Dates, and Wolfe Herd has alluded to “chapter-based” profiles where users bond over various segments of a person’s life narrative instead of just one photo.

    Why is Bumble executing such a significant pivot?

    Financial figures explain the rationale behind this shift. During the first quarter of this year, Bumble’s paying subscriber base shrank by approximately 21% to 3.2 million, down from 4 million in the previous year. Additionally, its share price has plummeted over 90% since its 2021 public offering.

    The wider dating application sector is grappling with what is now termed swipe exhaustion, and the increasing perception that these platforms function more like games than authentic avenues for meeting people does not assist the situation.

    How does this stack up against Tinder and Hinge?

    Bumble is not alone in feeling the strain. Tinder, the leading dating application worldwide, has introduced face-to-face singles gatherings and online speed dating meetings to alleviate swipe burnout.

    The platform has also integrated AI-enhanced security tools such as advanced message filtering, and even teamed up with Sam Altman’s biometric firm World to allow users to confirm their humanity by looking into a sphere.

    Tinder is also piloting Chemistry, an AI matcher that examines your photo gallery to understand your personality and highlight more compatible profiles.

    Hinge, which never relied on swipes and instead prompts users to engage with a photo or respond to a prompt before matching. This method has made it the financial standout in the dating sector, a fact likely noted by its rivals.

    The dating application era established by Tinder and Bumble is long overdue for a refresh. Whether the next phase genuinely aids users in forging real connections, or simply provides a more sophisticated method for being ghosted, remains to be seen.

  • Sony Xperia 1 VIII Leaked Colors Bring Fresh Confidence to the Flagship

    Sony Xperia 1 VIII Leaked Colors Bring Fresh Confidence to the Flagship

    Sony’s Xperia devices have never been dull, yet they often felt overly cautious. The recent Xperia 1 VIII leak shifts that perception, with authentic-looking renders revealing Sony’s upcoming flagship in vibrant tones that demand attention.

    In the competitive premium Android segment, visual impact is critical. While the device still requires top-tier flagship features, a bolder aesthetic could help it stand out from the crowd.

    According to Sumaho Digest, the leaked visuals feature the Xperia 1 VIII in Graphite Black, Iolite Silver, Garnet Red, and Native Gold.

    However, concerns remain. The same leak hints at a potential price increase and a camera modification that might disappoint dedicated Xperia users, particularly if Sony abandons its signature continuous optical zoom.

    Is Sony Shedding Its Reserved Persona?

    The leak is notable because the physical design remains largely familiar. It retains the distinctive tall, rectangular silhouette that has characterized the Xperia series for years.

    The real transformation lies in the color strategy. Graphite Black remains a safe choice, Iolite Silver maintains a sleek appearance, and Native Gold introduces warmth. However, Garnet Red injects a distinct personality into the range.

    Sony has historically relied on photographic prowess and creator-focused tools to attract enthusiasts. This bolder color selection implies an acknowledgment that visual appeal matters just as much as technical specs.

    Will the Camera Compromise Its Signature Feature?

    The potential drawback involves the zoom mechanism. Reports indicate Sony might replace the continuous optical zoom found in recent flagships with fixed focal length telephoto lenses.

    This would mark a significant shift, as zoom versatility has been a key selling point for Xperia fans. Even casual observers recognized the value of this capability.

    Fixed zoom lenses do not inherently mean inferior photography, as many successful devices utilize this approach. However, if the Xperia 1 VIII also carries a higher price tag, Sony must demonstrate compelling reasons why its camera system remains exceptional.

    Can Sony Justify the Premium?

    The Xperia 1 VIII is expected to debut in Hong Kong on May 20, with leaks suggesting a price hike compared to the Xperia 1 VII. This combination of bold styling and increased cost creates both excitement and uncertainty.

    An updated aesthetic is appealing, but justifying a higher price for a device with a less unique zoom system requires substantial improvements in image processing, battery efficiency, performance, or display technology.

    Currently, the leaked color options are working in the device’s favor, reducing its predictability. The true test will be whether the final product matches the confidence shown in these early renders.

  • Techgeeks: South Korea Embraces a Robotic Buddhist Monk at a Historic Temple, Signaling Future Trends

    Techgeeks: South Korea Embraces a Robotic Buddhist Monk at a Historic Temple, Signaling Future Trends

    A humanoid automaton has taken part in a Buddhist ritual in Seoul, creating a remarkable spectacle. Unveiled at Jogyesa Temple in the heart of Seoul during a prelude to Buddha’s Birthday festivities, the 1.3-meter-tall machine was bestowed the Dharma name “Gabi” through a special refuge ceremony led by the Jogye Order of Korean Buddhism, the nation’s foremost Buddhist organization.

    The Rationale Behind a Mechanical Monk in a Sacred Space

    This is no mere prop tucked away in a technology showcase. Clad in traditional Buddhist attire, the automaton bowed, prayed, and engaged in the ritual alongside human clergy. AP notes that Gabi will serve as an honorary monk throughout the Buddha’s Birthday celebrations.

    The Jogye Order views this initiative as part of a wider strategy to bridge Buddhism with South Korea’s younger demographics. With the nation’s Buddhist following shrinking, the order has explored contemporary outreach tactics, leveraging digital platforms and cultural programs aimed at youth.

    Gabi’s appearance at Jogyesa follows an earlier public showcase at Bongeunsa Temple in Seoul’s Gangnam District. In March, Buddhistdoor reported that the automaton was welcoming attendees and even detailing Buddhist customs like the 108 prostrations, responding to inquiries in both Korean and English.

    Where Spiritual Practice Meets Automation

    This isn’t the first instance of technology intersecting with spirituality. Japan has previously experimented with robotic preachers, such as Mindar, an android linked to Kyoto’s Kōdai-ji temple that delivers Buddhist sermons. However, the current context differs significantly, as these developments emerge during a widespread AI surge, where society is increasingly accustomed to seeking counsel from machines, finding companionship, and receiving emotional support.

    Thus, the core inquiry extends beyond how lifelike the machine appears. Can a device effectively elucidate religious doctrines? Is it appropriate for it to provide spiritual direction? And where should human clergy delineate the boundary between employing technology as a resource and allowing it to represent a tradition?

    Currently, Gabi serves more as a symbolic gesture than a revolutionary shift. It is not displacing monks, nor is it abruptly transforming Buddhism into a robot-centric faith.

  • The Hidden Dangers of Smart Glasses Become Reality as a Woman Faces Filming and Extortion

    The Hidden Dangers of Smart Glasses Become Reality as a Woman Faces Filming and Extortion

    Smart glasses have long carried an obvious privacy concern, and a recent BBC investigation has just illustrated why. A woman known as Alice was approached by a man in a London shopping center while he wore smart glasses. She assumed it was a routine encounter and remained unaware she was being filmed. The resulting clip was subsequently posted online and garnered approximately 40,000 views.

    How the Situation Deteriorated

    While it is common for content creators to film unsuspecting people in public—often without malicious intent—this particular incident took a sinister turn once Alice discovered the video online. After reaching out to the uploader, she expressed her humiliation and requested the clip be taken down. According to her account, the man responded via email, suggesting that removal would cost money. Alice described the incident as a severe privacy violation that left her feeling vulnerable and exploited.

    The individual, who allegedly manages several accounts on TikTok and Instagram, has kept his identity private. He told the BBC that his videos are intended to capture “light-hearted, respectful interactions” and claimed the mention of payment was a misunderstanding regarding editing fees. Alice, however, maintains she only asked for the video to be deleted.

    The Legal Gap in Wearable Privacy

    This case underscores the significant disconnect between wearable camera advancements and existing privacy safeguards. Legal professionals cited in the report noted that while the scenario might not meet the legal threshold for blackmail, demanding payment to remove footage can still constitute a threat. The situation is particularly alarming because smart glasses do not resemble a phone held up to someone’s face, and many contemporary models capture footage from the wearer’s perspective, making it easier to record public interactions without the obvious visual cue that recording is taking place.

    Smart glasses themselves are not the root cause. Rather, it is the surrounding ecosystem—where creators pursue viral engagement, platforms amplify humiliating clips, and victims struggle to have their content removed—that creates a troubling landscape.

  • Android Head Quashes Rumors of Pixel Adopting Apple’s Liquid Glass Design

    Android Head Quashes Rumors of Pixel Adopting Apple’s Liquid Glass Design

    Google’s Android ecosystem chief has put an end to rumors that Android might copy Apple’s Liquid Glass visual style, at least for Pixel handsets. Reacting to a fake Liquid Glass design for a Pixel 11 shared on X, Sameer Samat replied, “Not happening. Y’all are wild.” This clarification brings relief to Android enthusiasts who have seen numerous brands replicate Apple’s look in recent months.

    Many Android Makers Have Already Followed Suit

    Since Apple revealed Liquid Glass at WWDC last June, multiple Android brands have duplicated the style in their custom interfaces. OnePlus, Vivo, Oppo, Honor, and Xiaomi have all released UI updates that adopt the translucent, frosted-glass appearance Apple introduced. This trend has become so common that it has sparked concerns about Android’s unique visual identity.

    Google, at least for its own Pixel line, is resisting the pull.

    Material 3 Expressive Already Stands Out

    Google unveiled its own refreshed design system, Material 3 Expressive, at I/O 2025, introducing bolder colors, more dynamic motion, and fluid shape transitions across the system UI, notifications, and core apps. It gives Pixel devices a distinctive personality.

    Not happening! Y’all are wild. 😂

    Not happening! Y’all are wild. 😂

    — Sameer Samat (@ssamat) May 5, 2026

    See More

    — Sameer Samat (@ssamat) May 5, 2026

    See More

    Material 3 Expressive already gives Google a design story it can stand behind without borrowing from a competitor, and Samat’s response signals the company intends to stick to it. For those who use Pixel phones, the comment amounts to a guarantee that Android’s design language will stay its own.

    Liquid Glass may spread further across third-party Android skins, but Google’s own devices will ship with a design system built on its own terms. Whether other Android manufacturers follow Google’s lead remains to be seen.

  • Your Colleague’s AI-Generated App Could Be Exposing Corporate Confidential Information

    Your Colleague’s AI-Generated App Could Be Exposing Corporate Confidential Information

    AI-powered coding assistants have drastically simplified the process of creating web applications, reducing setup time to mere minutes. This accessibility has democratized app development but has also introduced a fresh wave of challenges. What occurs when these AI-generated applications are deployed without proper security measures? The result is often sensitive information being inadvertently exposed across the internet.

    A report by WIRED sheds light on a critical security flaw associated with “vibe-coded” applications, which are developed using AI platforms like Lovable, Replit, Base44, and Netlify.

    Why This Security Gap Is More Serious Than It Appears

    Security expert Dor Zvi and his team at RedAccess examined thousands of these applications and identified over 5,000 that lacked basic security protocols or authentication mechanisms. Many of these apps could be accessed by anyone who stumbled upon the correct URL. Some had only rudimentary barriers, permitting entry with any email address. According to Zvi, nearly half of these exposed applications contained sensitive data, including medical records, financial documents, corporate presentations, strategic plans, and customer service chat logs.

    The investigation reportedly also uncovered hospital work assignments containing personally identifiable information, advertising purchase data, market presentation strategies, sales figures, and even customer conversations including names and contact details. Several of these applications remain online, although WIRED could not confirm if all the data reviewed was authentic or sensitive.

    How Vibe Coding Has Become a Risk in IT

    This issue extends beyond a single instance of poorly secured AI apps. These tools enable individuals without software engineering or security expertise to build and deploy applications rapidly, often bypassing standard IT approval workflows. Consequently, a marketing team member, operations staff, or founder can create an internal tool, link it to live data, and inadvertently expose it to the public internet.

    Zvi likened this situation to the previous wave of exposed Amazon S3 buckets, where misconfigurations caused companies to leak sensitive data on a massive scale. Security researcher Joel Margolis told WIRED that AI coding tools only execute what they are instructed to do. Therefore, if a user does not explicitly request security features, the resulting app may lack them by default.

    Responses from the Companies Involved

    Replit CEO Amjad Masad wrote on X that some users had published applications on the open web that were intended to be private, noting that public apps being accessible online is expected behavior. Meanwhile, Lovable stated that it takes exposed data and phishing reports seriously and is currently investigating. Base44’s parent company, Wix, asserted that its platform offers security and visibility controls, arguing that public access reflects user configuration choices rather than a platform vulnerability.

    This serves as a reality check for anyone treating vibe coding like a fast track to startup success. AI-generated apps can move quickly, but that speed comes with real trade-offs. From weak oversight to hidden vulnerabilities, AI-built apps can become a serious problem once a product is in users’ hands.

  • Your Colleague’s AI-Generated App May Be Exposing Corporate Confidential Information

    Your Colleague’s AI-Generated App May Be Exposing Corporate Confidential Information

    AI coding tools have made it ridiculously easy to build a web app, and it only takes a few minutes to set up now. This ease has lowered the barrier to app development, which is causing a new set of issues. So what happens when these AI-made apps go live without anyone checking the locks? You get secrets spilling out all over the internet.

    A WIRED report highlights a major security problem around so-called “vibe-coded” apps, which are built using AI development platforms such as Lovable, Replit, Base44, and Netlify.

    Why this is a bigger issue than you think

    Security researcher Dor Zvi and his team at RedAccess analyzed thousands of these apps and found more than 5,000 that had little to no security or authentication. Most of these apps could practically be accessed by anyone who found the ‘right’ URL. A few of these had only minimal barriers, allowing visitors to sign in with any email address. Nearly half of these exposed apps appeared to contain sensitive data like medical information, financial records, corporate presentations, strategy documents, and customer chatbot logs, said Zvi.

    The investigation reportedly also revealed hospital work assignments with personally identifiable information, ad purchasing data, market presentation strategies, sales information, and even customer conversations with their names and contact details. Several of these apps were still online, although WIRED couldn’t verify whether all the data it reviewed was real or sensitive.

    How vibe coding has become dangerous in IT

    This story isn’t just limited to one batch of sloppy AI apps. These tools allow people who may not have software engineering or security experience to build and publish apps quickly, which are often outside normal IT approval processes. So a member of the marketing team, operations worker, or founder can create a tool for internal use, connect it to real data, and accidentally leave it open to the web.

    Zvi compared it to the old wave of exposed Amazon S3 buckets, where misconfigurations led companies to leak sensitive data at a massive scale. Security researcher Joel Margolis told WIRED that AI coding tools only do what’s asked of them. So if a user does not ask for security explicitly, the app may not be secure by default.

    What did the companies say?

    Replit CEO Amjad Masad wrote on X that some users had published apps on the open web that should have been private, adding that public apps being accessible online is expected behavior. Meanwhile, Lovable said it takes exposed data and phishing reports seriously and is investigating. Base44 parent company Wix stated that its platform provides security and visibility controls, arguing that public access reflects user configuration choices rather than a platform vulnerability.

    This is a reality check for anyone treating vibe coding like a fast track to startup success. AI-generated apps can move quickly, but that speed comes with real trade-offs. From weak oversight to hidden vulnerabilities, AI-built apps can become a serious problem once a product is in users’ hands.