Explore Problems

Showing 2,439 of 6,868 problems · matching your filters

Credit Bureau FCRA Violations Leave Inaccurate Data on Reports

Major credit bureaus like TransUnion routinely violate the Fair Credit Reporting Act by maintaining inaccurate data, failing to investigate disputes properly, and not correcting errors within statutory timelines. These violations directly impair consumers' access to credit, housing, and employment. Automated FCRA violation documentation and regulatory complaint filing tools could significantly improve consumers' enforcement leverage.

1 mentions1 sources Trending
S6.9L6
Industry Verticals · FinTech & Banking

Insurance Company Reinstates Canceled Policy, Sends to Collections, and Ruins Consumer Credit

An insurer reinstated a canceled auto policy without authorization and sent the fraudulent balance to collections, damaging the consumer's credit score and causing loss of a home purchase. Despite 50+ hours of calls, documentation submissions, and promises, the error remains unresolved.

20 mentions1 sources
S6.9L6
Industry Verticals · Insurance

Bank misapplies billing-error dispute window to merchandise-not-received claims

A bank repeatedly denies a valid merchandise-not-received dispute by applying the wrong regulatory timeframe, instead of the longer window that applies when a merchant repeatedly delays delivery. Escalation through additional disputes and direct emails to executives goes unanswered.

319 mentions3 sources
S6.9L6
Industry Verticals · FinTech & Banking

Banking apps show transactions but provide no actionable spending intelligence

Most banking and personal finance apps display raw transaction lists without analyzing patterns, trends, or behavioral insights. Users cannot identify where their money actually goes without manual categorization in separate tools. The gap between data display and financial intelligence leaves the majority of banking customers without practical guidance.

1 mentions1 sources Trending
S6.8L7
Consumer & Lifestyle · Personal Finance

Malicious VSCode Extensions Can Breach Thousands of GitHub Repositories

A single malicious VSCode extension compromised 3,800 GitHub repositories, exposing a critical gap in extension marketplace security vetting. The extension marketplace provides no meaningful safety signals, leaving developers unable to assess extension trustworthiness at install time.

1 mentions1 sources Trending
S6.8L7
Security & Compliance · Application Security

Credit card fraud disputes go unresolved while late fees accrue

When credit card fraud triggers account cancellation and reissuance, the interim investigation period leaves consumers exposed to late fees on disputed charges they cannot pay. Banks fail to honor FCBA protections — promising no penalties while assessing them anyway. Consumers are left holding financial damage from fraud that the bank's own investigation caused.

36 mentions1 sources Trending
S6.8L6
Industry Verticals · FinTech & Banking

Debt collectors pursue victims of identity theft for fraudulent debts

Consumers report being harassed by debt collectors over accounts opened fraudulently through identity theft. Collectors often ignore FDCPA validation requirements and continue aggressive collection despite disputes.

143 mentions1 sources
S6.8L6
fintech

npm Ecosystem Silently Executes Malicious Code via Transitive Dependencies

Every npm install is an implicit trust decision across hundreds of packages, any of which can execute arbitrary code via postinstall hooks with no user confirmation. The Axios backdoor attack demonstrated this at 80M weekly download scale, with sophisticated obfuscation and self-cleanup. Existing tools like Snyk detect known vulnerabilities but do not prevent silent postinstall execution from newly compromised accounts.

3 mentions2 sources
S6.7L8
Security & Compliance · Fraud Prevention

MCP Servers Inject Context Tokens on Every Message Even When Not Used

Every configured MCP server injects tokens into the context window on each message, regardless of whether that server is needed for the current task. As developers add more MCP servers, context window bloat becomes severe and reduces effective model capacity. No selective MCP loading mechanism exists to activate servers only when relevant.

1 mentions1 sources Trending
S6.7L8
Developer Tools · AI & Machine Learning

Cloud AI Coding Agents Require Sharing Codebases; Local Models Lack Performance

Developers using cloud-based AI coding agents like Cursor, Codex, or Claude must expose their codebase to training pipelines. Switching to local models for privacy eliminates the performance needed for real coding tasks. No tool currently solves both privacy and performance simultaneously.

2 mentions0 sources Trending
S6.7L7
Developer Tools · AI & Machine Learning

Indian Personal Finance Apps Mandate Bank Linking or SMS Scraping to Build Credit Profiles

Every major personal finance app in India forces users to link bank accounts via Account Aggregator or grant SMS access, then ships data to remote servers for credit profiling and loan marketing. Users who want privacy-respecting expense tracking have no viable alternative.

2 mentions0 sources Trending
S6.7L6
Security & Compliance · Data Privacy

Salesforce Is Too Complex and Expensive for Small Business Users

Salesforce Sales Cloud is widely criticized for overwhelming complexity, long setup times, and high licensing costs that are prohibitive for small businesses. The interface feels cluttered and requires significant expertise to customize, creating a large gap between enterprise capability and usability. This drives persistent demand for simpler CRM alternatives.

8 mentions1 sources
S6.7L6
Business Operations · Sales & CRM

Air-Gapped Networks Have No Passive Threat Detection Without Active Scanning Risk

Security teams protecting air-gapped environments — defense, ICS, nuclear — cannot use conventional network detection tools that require active probes, which risk triggering false alerts or disrupting critical operations. Passive monitoring that can identify C2 beacons and DNS generation algorithm traffic without sending any packets is absent from the market. This leaves some of the highest-value targets with a fundamental detection blind spot.

1 mentions1 sources
S6.6L8
Security & Compliance · Network Security

Phone Theft Enables Immediate High-Value Zelle and Venmo Fraud Banks Refuse to Refund

Thieves who steal unlocked phones can immediately execute thousands of dollars in Zelle and Venmo transfers before the owner can react. Payment apps treat physical phone possession as sufficient authorization, creating a structural gap where theft of a device equals theft of funds. Banks and payment platforms systematically deny fraud refunds for these transactions because the device was used directly.

1 mentions1 sources Trending
S6.6L7
Security & Compliance · Fraud Prevention

Zelle Transfers to Wrong Recipient Cannot Be Recalled by Banks

A single digit error when entering a Zelle recipient phone number sends funds to the wrong person with no recovery path — banks disclaim liability and Zelle has no recall mechanism for voluntary transactions. With hundreds of millions of Zelle transactions per year, the scale of accidental misdirection is enormous. Pre-send recipient identity confirmation and rapid escalation tools for same-day misdirection cases would address a structural gap.

1 mentions1 sources Trending
S6.6L6
Industry Verticals · FinTech & Banking

Debt collectors pursue consumers without providing required debt validation

Consumers report receiving past-due notices for debts they do not recognize, with collection agencies failing to provide validation information within the legally required 30-day window despite repeated requests.

332 mentions1 sources
S6.5L6
fintech

Bank security alert systems fail to fire during active account takeover via phishing

Customers who configure bank security alerts for new device logins and failed password attempts receive no notifications when fraudsters are actively taking over their accounts via phishing. Alert systems that customers rely on as a safety net fail silently at exactly the moment they are needed. The combination of caller ID spoofing and alert failure gives attackers undetected access windows long enough to drain accounts.

1 mentions1 sources Trending
S6.5L7
Security & Compliance · Fraud Prevention

Salesforce Locks Essential CRM Features Behind Expensive Add-On Tiers

Salesforce's pricing model places many of its most valuable features in premium add-on tiers, making the true cost of a functional deployment far higher than base plan pricing suggests. This tiered gating disproportionately affects mid-market companies that need advanced capabilities but cannot justify enterprise pricing. The practice has driven sustained interest in CRM alternatives with more transparent feature bundling.

8 mentions2 sources
S6.5L7
Business Operations · Sales & CRM

Single Autopay Failure Permanently Damages Credit Despite Bank Acknowledgment

When a bank autopay system fails to draft a payment, the resulting late mark is reported to credit bureaus and remains permanent even when the bank acknowledges the error by refunding the late fee. Consumers are directed to dispute with bureaus, but bureaus simply re-verify with the furnisher who maintains the reporting — creating a circular process that protects the bank's data while penalizing consumers for system errors.

56 mentions1 sources
S6.5L6
Industry Verticals · FinTech & Banking

Insurance policies lapse silently due to payment system errors

Autopay failures on insurance policies trigger silent policy cancellations with no customer notification, leaving homeowners unknowingly uninsured for months. The failure is compounded by siloed internal systems that prevent even the insurer's own support staff from diagnosing what happened.

3 mentions1 sources
S6.5L8
Customer Experience · Service & Billing Disputes
1/122Next