5,000+ apps built with AI tools found leaking sensitive data
- Source
- Wired
- Time
- 12:04 PM
- Weight
- 94/100
Security researchers at RedAccess have identified more than 5,000 web applications created with AI "vibe-coding" tools that are leaking sensitive corporate and personal data. These platforms, which include Lovable, Replit, Base44, and Netlify, allow users to generate functional apps through simple AI prompts and host them instantly.
The study found that many of these applications lack basic authentication or security measures, leaving them and their underlying data accessible to anyone who discovers their public URLs. The investigation revealed that approximately 40 percent of the exposed apps contained highly sensitive information, such as medical records, financial data, corporate strategy documents, and private customer chatbot logs.