Explore Problems

Showing 958 of 6,868 problems · matching your filters

Banking apps show transactions but provide no actionable spending intelligence

Most banking and personal finance apps display raw transaction lists without analyzing patterns, trends, or behavioral insights. Users cannot identify where their money actually goes without manual categorization in separate tools. The gap between data display and financial intelligence leaves the majority of banking customers without practical guidance.

1 mentions1 sources Trending
S6.8L7
Consumer & Lifestyle · Personal Finance

Malicious VSCode Extensions Can Breach Thousands of GitHub Repositories

A single malicious VSCode extension compromised 3,800 GitHub repositories, exposing a critical gap in extension marketplace security vetting. The extension marketplace provides no meaningful safety signals, leaving developers unable to assess extension trustworthiness at install time.

1 mentions1 sources Trending
S6.8L7
Security & Compliance · Application Security

MCP Servers Inject Context Tokens on Every Message Even When Not Used

Every configured MCP server injects tokens into the context window on each message, regardless of whether that server is needed for the current task. As developers add more MCP servers, context window bloat becomes severe and reduces effective model capacity. No selective MCP loading mechanism exists to activate servers only when relevant.

1 mentions1 sources Trending
S6.7L8
Developer Tools · AI & Machine Learning

Cloud AI Coding Agents Require Sharing Codebases; Local Models Lack Performance

Developers using cloud-based AI coding agents like Cursor, Codex, or Claude must expose their codebase to training pipelines. Switching to local models for privacy eliminates the performance needed for real coding tasks. No tool currently solves both privacy and performance simultaneously.

2 mentions0 sources Trending
S6.7L7
Developer Tools · AI & Machine Learning

Air-Gapped Networks Have No Passive Threat Detection Without Active Scanning Risk

Security teams protecting air-gapped environments — defense, ICS, nuclear — cannot use conventional network detection tools that require active probes, which risk triggering false alerts or disrupting critical operations. Passive monitoring that can identify C2 beacons and DNS generation algorithm traffic without sending any packets is absent from the market. This leaves some of the highest-value targets with a fundamental detection blind spot.

1 mentions1 sources
S6.6L8
Security & Compliance · Network Security

Phone Theft Enables Immediate High-Value Zelle and Venmo Fraud Banks Refuse to Refund

Thieves who steal unlocked phones can immediately execute thousands of dollars in Zelle and Venmo transfers before the owner can react. Payment apps treat physical phone possession as sufficient authorization, creating a structural gap where theft of a device equals theft of funds. Banks and payment platforms systematically deny fraud refunds for these transactions because the device was used directly.

1 mentions1 sources Trending
S6.6L7
Security & Compliance · Fraud Prevention

Bank security alert systems fail to fire during active account takeover via phishing

Customers who configure bank security alerts for new device logins and failed password attempts receive no notifications when fraudsters are actively taking over their accounts via phishing. Alert systems that customers rely on as a safety net fail silently at exactly the moment they are needed. The combination of caller ID spoofing and alert failure gives attackers undetected access windows long enough to drain accounts.

1 mentions1 sources Trending
S6.5L7
Security & Compliance · Fraud Prevention

Insurance policies lapse silently due to payment system errors

Autopay failures on insurance policies trigger silent policy cancellations with no customer notification, leaving homeowners unknowingly uninsured for months. The failure is compounded by siloed internal systems that prevent even the insurer's own support staff from diagnosing what happened.

3 mentions1 sources
S6.5L8
Customer Experience · Service & Billing Disputes

Slack Notification Volume Overwhelms Users With Irrelevant Alerts From Unrelated Channels

Slack delivers notifications for every channel event including conversations that have nothing to do with the recipient, making focused work impossible. Calendar and cross-team notifications arrive without relevance filtering, creating constant cognitive interruptions. Paying subscribers have no effective mechanism to filter notifications to only relevant events.

2 mentions0 sources
S6.5L7
Productivity · Collaboration & Messaging

Insurance Policies Deliberately Obscured With Jargon, Clauses Hidden Until Claims

Insurance contracts are routinely 50+ pages of dense legal language that consumers cannot meaningfully understand before signing. Critical exclusions and limitations only become apparent when a claim is filed and denied. This information asymmetry is structural and benefits insurers at the expense of policyholders.

1 mentions1 sources
S6.5L7
Industry Verticals · Insurance

Mortgage Servicers Proceed to Foreclosure Track After Verbally Approving Forbearance

Homeowners experiencing documented financial hardship who proactively request forbearance receive verbal approvals that are never formally processed, while the servicer simultaneously initiates foreclosure proceedings. The absence of written confirmation requirements and the 30+ day processing lag leaves current-account homeowners in a foreclosure pipeline they cannot exit. No real-time status visibility exists between borrower application and servicer processing systems.

2 mentions1 sources
S6.5L7
Industry Verticals · Real Estate

Zelle scammers impersonate bank support agents to extract multiple payments

Fraudsters impersonate bank customer service representatives and convince victims to send multiple Zelle payments under the pretense of processing a legitimate transfer. By the time victims recognize the scam, multiple payments have cleared and Zelle's no-recourse policy leaves them with no recovery path. Banks decline to intervene because the payments were technically authorized by the account holder.

2 mentions1 sources Trending
S6.4L7
Security & Compliance · Fraud Prevention

Medical reports written in clinical language patients cannot understand

Patients receive MRI results, CT scans, pathology reports, and discharge summaries written for clinicians, not patients. The technical language creates anxiety and prevents informed health decisions. As self-service patient portals grow, this gap between clinical documentation and patient comprehension widens.

1 mentions1 sources Trending
S6.4L7
Industry Verticals · Healthcare & Wellness

Banks Disburse Auto Loans to Unverified Dealerships, Enabling Purchase Fraud

Banks process auto loan disbursements without verifying that the receiving entity is a real, registered dealership — enabling fraudulent dealers to receive funds for vehicles that are never delivered. Borrowers are left with active loan obligations for cars they never received, with the bank accepting no responsibility for the disbursement failure.

6 mentions1 sources
S6.4L7
Industry Verticals · FinTech & Banking

Bank of America Processes Unauthorized ACH Withdrawals After Written Revocation

Bank of America continued debiting a consumer's account after receiving a written revocation notice, ignoring the legal instruction and extracting funds without authorization. High mention count and upvotes confirm this is a widespread systemic failure at major banks.

26 mentions1 sources
S6.4L7
Industry Verticals · FinTech & Banking

Phone Scammers Impersonate Banks and FBI to Drain Accounts via Zelle

Criminals impersonate bank representatives and FBI agents via phone to manipulate consumers into transferring funds via Zelle. Once sent, Zelle payments are irreversible and banks typically refuse to reimburse victims of social engineering.

3 mentions1 sources
S6.4L7
Security & Compliance · Fraud Prevention

AI coding agents cannot access open-source dependency source code

AI coding agents can index a developer's own codebase but cannot read the source code of the open-source libraries that codebase depends on. When agents encounter unfamiliar library APIs, they hallucinate signatures, produce broken code, and enter retry loops. The problem compounds as dependency graphs grow and agents are trusted with larger implementation tasks.

1 mentions1 sources
S6.3L7
Developer Tools · AI & Machine Learning

AI coding agents leak secrets by pulling .env files into context

AI coding agents routinely read .env files, config, and command output into their context windows, silently exposing API keys and credentials to model providers. Existing secret scanning tools catch leaks after the fact in git history rather than preventing them from reaching the model in real time.

1 mentions1 sources
S6.3L8
Security & Compliance · Data Privacy

AI Agent Sessions Fail Silently with No Trace or Cost Visibility

Developers running AI agent sessions have no reliable way to trace failures after the fact, see cost breakdowns, or perform root-cause analysis when sessions silently die. The absence of production-grade observability tooling forces developers to fly blind in production agent deployments.

1 mentions1 sources
S6.3L8
Developer Tools · AI & Machine Learning

AI Agents Can Execute Catastrophic Infra Actions Without Safeguards

An AI agent deleted a startup's production database and backups in 9 seconds because API keys had unrestricted delete access, backups shared the same environment as production, and no confirmation step existed for destructive actions. The incident reveals that standard infra security assumptions break catastrophically when agentic AI is introduced into deployment workflows. As AI agents gain infrastructure access, the absence of permission scoping, confirmation gates, and environment isolation creates systemic risk across all organizations using these tools.

1 mentions1 sources
S6.3L8
Developer Tools · DevOps & Infrastructure
1/48Next