Explore Problems

Showing 168 of 6,868 problems · matching your filters

Bank security alert systems fail to fire during active account takeover via phishing

Customers who configure bank security alerts for new device logins and failed password attempts receive no notifications when fraudsters are actively taking over their accounts via phishing. Alert systems that customers rely on as a safety net fail silently at exactly the moment they are needed. The combination of caller ID spoofing and alert failure gives attackers undetected access windows long enough to drain accounts.

1 mentions1 sources Trending
S6.5L7
Security & Compliance · Fraud Prevention

Mortgage Servicers Proceed to Foreclosure Track After Verbally Approving Forbearance

Homeowners experiencing documented financial hardship who proactively request forbearance receive verbal approvals that are never formally processed, while the servicer simultaneously initiates foreclosure proceedings. The absence of written confirmation requirements and the 30+ day processing lag leaves current-account homeowners in a foreclosure pipeline they cannot exit. No real-time status visibility exists between borrower application and servicer processing systems.

2 mentions1 sources
S6.5L7
Industry Verticals · Real Estate

Zelle scammers impersonate bank support agents to extract multiple payments

Fraudsters impersonate bank customer service representatives and convince victims to send multiple Zelle payments under the pretense of processing a legitimate transfer. By the time victims recognize the scam, multiple payments have cleared and Zelle's no-recourse policy leaves them with no recovery path. Banks decline to intervene because the payments were technically authorized by the account holder.

2 mentions1 sources Trending
S6.4L7
Security & Compliance · Fraud Prevention

AI coding agents cannot access open-source dependency source code

AI coding agents can index a developer's own codebase but cannot read the source code of the open-source libraries that codebase depends on. When agents encounter unfamiliar library APIs, they hallucinate signatures, produce broken code, and enter retry loops. The problem compounds as dependency graphs grow and agents are trusted with larger implementation tasks.

1 mentions1 sources
S6.3L7
Developer Tools · AI & Machine Learning

AI coding agents leak secrets by pulling .env files into context

AI coding agents routinely read .env files, config, and command output into their context windows, silently exposing API keys and credentials to model providers. Existing secret scanning tools catch leaks after the fact in git history rather than preventing them from reaching the model in real time.

1 mentions1 sources
S6.3L8
Security & Compliance · Data Privacy

Production incident root cause identification takes hours of manual triage

Engineers debugging production failures must manually trace through stack traces, logs, and distributed system state to find root cause, often taking hours during high-pressure incidents. Existing observability tools surface symptoms but do not automate the diagnostic reasoning step. The gap between alert and actionable root cause represents significant engineering time and business impact.

1 mentions1 sources
S6.3L7
Developer Tools · DevOps & Infrastructure

Part-time developers cannot ship side projects with tools built for full-time teams

Developers with 9-to-5 jobs who want to build side projects face tools, workflows, and culture designed for full-time founders with unlimited time. Limited coding windows—45 minutes on a commute—are incompatible with complex setup, long feedback loops, and team-oriented tooling. There is no purpose-built development environment for the constraint of intermittent, time-boxed building.

1 mentions1 sources
S6.2L7
Developer Tools · Coding Tools & IDEs

AI agents silently corrupt their context window without detection

Long-running AI agents degrade silently when their context window becomes corrupted or inconsistent — the agent proceeds with bad state and developers have no visibility into when or why this happened. Existing LLM observability tools surface token counts and latency but not context integrity. As multi-step agents become production workloads, undetected context corruption becomes a reliability and debugging crisis.

1 mentions1 sources
S6.2L7
Developer Tools · AI & Machine Learning

B2B Contact Data Decays Too Fast for Timing-Sensitive Outreach

Sales prospecting tools like Apollo and Clay rely on static enrichment databases that quickly become stale, causing outreach to hit outdated emails, wrong job titles, and departed contacts. Teams running timing-sensitive campaigns — hiring triggers, funding announcements, product launches — need live web research at query time to act on signals before they expire. No major tool currently solves real-time enrichment at scale.

1 mentions1 sources
S6.1L8
Business Operations · Sales & CRM

Shopify removes native features in updates to force merchants into paid app subscriptions

Shopify platform updates routinely remove or degrade previously available native functionality, with the removal justified by directing merchants to third-party apps. Merchants accumulate a fragmented stack of app subscriptions for features that were previously built-in, with each app adding monthly costs and an independent support relationship. When the combined stack breaks, neither Shopify nor individual app vendors accept accountability for the interaction.

2 mentions1 sources
S6.1L7
Business Operations · E-commerce Operations

Shopify gates basic ecommerce features behind mandatory paid app subscriptions

Shopify deliberately excludes standard ecommerce functionality from its core platform, requiring merchants to purchase third-party apps for features competitors bundle as standard. Monthly app costs compound into hundreds of dollars per month on top of Shopify's own fees. During outages or billing disputes, merchants face fragmented accountability with Shopify and each app vendor disclaiming responsibility for the combined failure.

2 mentions1 sources
S6.1L7
Business Operations · E-commerce Operations

SaaS companies lack real-time NRR monitoring to catch revenue bleed

SaaS companies focus on new MRR acquisition while silently losing revenue through churn and contraction, only discovering the damage retrospectively. Net Revenue Retention (NRR) is poorly tracked compared to MRR, leaving founders without early warning systems for revenue health decline.

1 mentions1 sources
S6.1L7
Business Operations · Finance & Accounting

AI-generated vibe-coded apps ship with live security holes

Applications built quickly with AI coding tools like Replit, Lovable, and Cursor often go to production with unaddressed access-control vulnerabilities, and their builders typically lack security expertise. High engagement (532 upvotes) suggests broad resonance, though it surfaces via a solution launch rather than direct user complaints.

1 mentions1 sources
S6.1L8
Security & Compliance · Application Security

AI Agents Execute Sensitive Actions Without Human Approval Checkpoints

Professionals using AI agents for real work find that autonomous systems take irreversible actions — sending emails, modifying files, triggering integrations — without pausing for human review. The lack of approval gates on sensitive operations creates trust and safety barriers that prevent enterprise adoption. Workers need AI that asks before acting on consequential decisions.

1 mentions1 sources
S6.1L8
Productivity · Automation & Workflows

Professional product photography costs block small e-commerce sellers

Cross-border e-commerce sellers need professional lifestyle product images for each platform but studio photography costs $100+ per image, making rapid multi-platform launches financially prohibitive for small operators. The bottleneck is particularly acute for sellers expanding internationally who need localized visuals at scale. AI image generation from white-background photos is an emerging solution in a still-fragmented market.

1 mentions1 sources
S6.1L7
Marketing & Growth · Branding & Design

AI agents can leak credentials without a security checkpoint

AI agents operating autonomously can inadvertently expose sensitive credentials during task execution, with no built-in guardrail to catch this before damage occurs. A builder created a checkpoint tool after experiencing this firsthand, highlighting a systemic gap in agentic AI security tooling.

1 mentions1 sources
S6.0L7
Security & Compliance · Identity & Access

Small Businesses Cannot Afford Security Guidance or Risk Assessment

Small businesses routinely handle sensitive customer data without any security program, policy, or expert guidance because enterprise security consulting is priced out of reach. Without a dedicated CISO or consultant, SMBs have no way to prioritize risks, respond to incidents, or meet client security expectations. A gap exists between free generic checklists and expensive enterprise compliance tools.

1 mentions1 sources
S6.0L7
Security & Compliance · Compliance & Audit

AI systems leak user data through indirect prompt injection

LLM-integrated applications can expose user data to third parties even when users provide no malicious input, due to prompt injection via untrusted content or model memorization. This is a structural vulnerability in how AI is embedded in SaaS products. Every team deploying LLMs without robust output filtering is at risk.

1 mentions1 sources
S6.0L8
Security & Compliance · Data Privacy

African developers blocked from AI APIs by Stripe-only payments and regional access barriers

Developers across Africa cannot access major AI APIs due to Stripe's limited African card support, regional access blocks requiring VPN workarounds, and high minimum payment thresholds. The barrier is payment infrastructure, not capability or demand. As Africa's developer population grows rapidly, the exclusion from global AI tooling compounds disadvantage.

1 mentions1 sources
S6.0L7
Developer Tools · AI & Machine Learning

OpenTelemetry SaaS Ingestion Costs Are Unsustainable for High-Volume Data

Teams using OpenTelemetry must ship all telemetry to cloud vendors to make it searchable, incurring massive ingestion and storage costs for low-value noise data. There is no practical way to filter or sample data at the source before it leaves the cluster without building custom infrastructure. This forces teams into a choice between paying for useless data or losing observability coverage.

1 mentions1 sources
S6.0L8
Data & Infrastructure · Observability & Monitoring
1/9Next