5,000+ Vibe-Coded Apps Exposing Auth Tokens and Sensitive Data

A study of vibe-coded web apps built on Lovable, Base44, Replit, and Netlify found ~40% exposing sensitive data including auth tokens, coinciding with Experian attributing 40% of 2025 data breaches to AI-powered attacks.

1 min read|agenticonsult Intelligence

5,000+ Vibe-Coded Apps Exposing Auth Tokens and Sensitive Data

A study reviewed by Wired found approximately 40% of audited web applications built using vibe-coding platforms — Lovable, Base44, Replit, and Netlify — were exposing sensitive data including authentication tokens. The scale of the disclosure (thousands of affected apps) arrives in the same news cycle as Experian publicly attributing 40% of the 5,000 data breaches it handled in 2025 to AI-powered attacks, and predicting agentic AI as the leading 2026 breach category.

Why It Matters

The convergence of AI-generated insecure code with AI-powered attacks creates a compounding risk loop. Operators deploying AI-built applications without security review are directly in the threat window Experian is describing.

#security

Discuss onLinkedIn X

This breaking-news item was assembled from the cited primary source with AI assistance. It is intended for rapid situational awareness — refer to the original publication for the definitive statement.

View all live intel

Live Intel Feed

08:00 PMSamsung Becomes Asia's Second Trillion-Dollar Company on AI Memory Boom 08:00 PM2026 AI Coding Disasters Formally Catalogued: 8 Incidents, All Major Vendors 08:00 PMMicrosoft Phi-Ground-Any: 4B Vision Model Achieves SOTA for AI GUI Grounding