three AI reads at a time

Lovable

4 items

WIRED · 2026-05-07 2026-05-09-w3

5,000 Vibe-Coded Apps Are Leaking on the Open Web — and the S3 Analogy Misses the Legal Novelty

RedAccess found over 5,000 exposed apps across the four leading vibe-coding platforms, with roughly 2,000 leaking real PHI, customer chat logs, and internal strategy decks. These aren't misconfigured storage buckets; they're auth logic the platform generated and the user never saw. The S3 analogy that's circulating misses the legal novelty: AWS could credibly disclaim your bucket policy because you wrote it. Lovable, Replit, and Base44 wrote the auth logic that isn't there. That shifts where liability attaches, and the first court to hold a code-generation platform partially liable for a generated vulnerability resets every product roadmap in the category overnight. It's the same verification failure the hedge fund and interpretability stories surface from different angles: the layer that was supposed to enforce quality or security has been dissolved by the technology it was meant to govern. The people building trust infrastructure for that layer, across all three markets, are the ones with a durable position.

# tags
ai-1.0-defensibilityai-coding-toolsai-cybersecurityai-securityai-vendor-governancedata-privacyenterprise-ai-adoptionliability-ambiguitylovablepilot-to-scalereplitresponsible-disclosureshadow-itvibe-codingwired
◆ entities
Amazon S3Amjad MasadAndy GreenbergBank of AmericaBase44CostcoDor ZviFedExJoel MargolisLovableMcDonald'sNetlifyRedAccessReplitTrader Joe'sWIREDWix
→ threads
ai-1.0-defensibilityai-vendor-liabilitypilot-to-scalevibe-coding-governance
⟷ links
2026-05-07-32026-05-04-22026-05-06-12026-04-04-22026-04-01-12026-03-08-22026-03-09-32026-04-01-32026-05-01-w12026-03-13-w12026-04-17-22026-05-01-12026-05-01-22026-05-01-32026-05-05-12026-05-06-3
permalink
WIRED 2026-05-07-3

5,000 Vibe-Coded Apps Are Leaking on the Open Web — and the S3 Analogy Misses the Legal Novelty

RedAccess found 5,000-plus exposed apps on the four leading vibe-coding platforms with around 2,000 leaking real PHI, customer chat logs, and strategy decks. The S3 analogy is reaching for the right pattern but missing the legal twist: AWS could credibly say it didn't write your bucket policy. Lovable, Replit, and Base44 wrote the auth logic that doesn't exist. The first court that holds a code-generation platform partially liable for a generated vulnerability resets the entire industry's product roadmap overnight.

# tags
vibe-codingai-coding-toolsai-cybersecurityai-vendor-governanceshadow-itdata-privacyliability-ambiguityenterprise-ai-adoptionreplitlovableai-securitypilot-to-scaleai-1.0-defensibilitywiredresponsible-disclosure
◆ entities
LovableReplitBase44NetlifyRedAccessDor ZviAmjad MasadWixWIREDAndy GreenbergJoel MargolisBank of AmericaCostcoFedExTrader Joe'sMcDonald'sAmazon S3
→ threads
vibe-coding-governanceai-1.0-defensibilitypilot-to-scaleai-vendor-liability
⟷ links
2026-04-04-22026-04-01-12026-03-08-22026-03-09-32026-04-01-32026-05-01-w12026-03-13-w12026-04-17-22026-05-01-12026-05-01-22026-05-01-32026-05-04-22026-05-05-12026-05-06-3
permalink
Bloomberg 2026-04-07-3

What Is ARR? Behind the Least-Trusted Metric of the AI Era

ARR has no SEC definition, no audit standard, and no standardized calculation: the metric Silicon Valley uses to price AI startups is whatever the founder needs it to mean. The real problem is structural, not behavioral: consumption-based, credits-based, and outcome-based AI pricing models don't map to the subscription framework ARR was built for. Every 25-30x multiple applied to unverified AI ARR is a bet on retention data that doesn't exist yet.

# tags
ai-economicsvaluationsaasmetricsai-1.0-defensibilitysaas-margins
◆ entities
ARRCluelyAndreessen HorowitzChartMogulAnthropicOpenAICursorLovable
→ threads
ai-1.0-defensibilitysaas-margins
⟷ links
2026-03-18-12026-03-08-12026-03-21-22026-03-13-w32026-04-05-12026-03-25-22026-03-31-22026-03-25-12026-04-05-2
permalink
Redpoint Ventures 2026-04-06-3

Redpoint 2026 Market Update: SaaS Destruction Thesis Meets CIO Survey Data

Redpoint's CIO survey puts a number on what the SaaS selloff is actually pricing: 83% of CIOs are open to AI-native CRM vendors, 45% of AI budgets are cannibalizing existing software spend, and SaaS terminal growth assumptions have collapsed to 1.1%. The sharper read is that preference without satisfaction is a decaying asset: 54% of CIOs still prefer incumbents, but Tegus data shows Agentforce oversold and Copilot pricing rejected. The window for AI-native entrants isn't about being better; it's about arriving when the disappointment compounds.

# tags
saas-disruptionai-economicsenterprise-softwareventure-capitalsaas-marginsai-1.0-defensibilityagentic-ai-viabilityinvestmentmulti-model-strategy
◆ entities
Redpoint VenturesOpenAIAnthropicSalesforceServiceNowMicrosoftCursorLovable
→ threads
saas-marginsai-1.0-defensibilityagentic-ai-viability
⟷ links
2026-03-27-w12026-03-13-w12026-03-31-m22026-03-23-32026-03-21-22026-03-22-32026-03-22-22026-03-19-12026-03-20-2
permalink