Explore Problems

Showing 957 of 6,868 problems · matching your filters

VSCode Extension Marketplace Breach Disclosure Withholds Extension Names

A malicious VSCode extension breached 3,800 GitHub repos, but breach disclosures do not name the specific extension. Developers with dozens of installed extensions cannot self-audit or remove the threat without this information, exposing the structural trust problem in extension marketplaces.

1 mentions1 sources
S6.1L7
Security & Compliance · Application Security

Auto Manufacturers Refuse Buybacks for Vehicles With Multiple Safety Recalls

Consumers who purchase vehicles that accumulate multiple safety recalls within months of purchase cannot get the manufacturer to honor a buyback, leaving them financially bound to a defective and potentially dangerous vehicle. Lemon law protections exist on paper but manufacturers exploit procedural gaps and time requirements to avoid compliance. The consumer has no expedient remedy other than CFPB complaints or litigation.

1 mentions1 sources
S6.1L7
Industry Verticals · Automotive

Wave of retiring insurance agency owners with no succession plan

Approximately 30,000 US insurance agency owners are approaching retirement age with no formal succession plan in place and no pipeline of qualified buyers. The average agency owner is 59, creating a compressed timeline for exits that the current M&A infrastructure is not equipped to handle at scale. This creates a structural gap for acquisition platforms, brokers, and transition advisors.

1 mentions1 sources
S6.1L7
Industry Verticals · Insurance

Telecom Promotional Promises Go Unfulfilled and Overbilling Persists for Months

AT&T and similar carriers promise promotional credits during upgrades but fail to deliver them despite confirmed device returns, forcing months of fruitless support calls. Simultaneous overbilling compounds the financial harm. The dispute process is designed to exhaust customers into abandoning claims.

1 mentions1 sources
S6.1L7
Industry Verticals · Telecom & Utilities

Early-stage founders lack CFO-quality financial insight without a full-time CFO

Founders spend hours monthly wrestling with spreadsheets and chasing bookkeepers to answer basic runway questions, especially at high-stakes moments like board meetings. CFO-level financial clarity is inaccessible to companies that can't afford a full-time hire.

1 mentions1 sources
S6.1L7
Business Operations · Finance & Accounting

No Alerts When Users Stop Converting — Infra Stays Green

Startups can lose users silently for hours when infra metrics look healthy but user-facing flows are broken. Existing monitoring tools alert on server errors and latency but miss behavioral anomalies like signup drop-offs or checkout abandonment. Engineering teams only discover these failures through manual review or user complaints.

1 mentions1 sources
S6.1L7
Developer Tools · DevOps & Infrastructure

SCA Tools Only Check CVEs and Miss Unmaintained or Abandoned Package Risk

Software composition analysis tools scan for known CVEs but fail to detect packages where maintainers have abandoned the project, creating silent supply chain risk. A lifecycle-aware dependency checker that flags EOL and abandoned packages fills a critical gap in application security workflows.

1 mentions1 sources
S6.1L7
Security & Compliance · Application Security

HomeAdvisor unverified leads and locked exit with steep cancellation penalties

HomeAdvisor provides leads that do not intend to hire, often have no real project, or are seeking free estimates only, and when contractors attempt to leave the platform they face cancellation fees up to $1,200. The service monetizes the lock-in rather than lead quality.

3 mentions1 sources
S6.1L7
Marketing & Growth · Lead Generation

Insurance Companies Using Out-of-Market Comparables to Suppress Total Loss Payouts

When processing total loss claims, insurers systematically use vehicle comparables from distant markets and mismatched configurations to justify lower settlement offers. Even after regulators confirm valuation errors, insurers adjust other data points to maintain the same suppressed payout rather than correcting the figure. Policyholders lack independent tools to verify whether comparable vehicles used are geographically and configurationally appropriate.

1 mentions1 sources
S6.1L7
Industry Verticals · Insurance

Bank automated fraud systems freeze accounts with no human override capability

Chase's Zelle fraud detection flagged routine family transfers, froze the customer's online access, and provided no mechanism for human agents to override the automated decision. Agents gave conflicting explanations and two hung up. The automated system operates outside human accountability — once flagged, customers have no escalation path that can actually unfreeze the account.

3 mentions1 sources
S6.1L8
Industry Verticals · FinTech & Banking

Phone scammers impersonate bank fraud departments to drain accounts

Fraudsters call bank customers posing as the fraud department, using social engineering to authorize account transfers. Banks provide no reliable way for customers to verify outbound calls are legitimate, and funds lost to this scam are rarely recovered. The structural gap is bank authentication infrastructure, not individual customer vigilance.

2 mentions1 sources
S6.1L7
Security & Compliance · Fraud Prevention

Bank Impersonation Scams Exploit Zelle for Irreversible Fund Theft

Fraudsters impersonating bank fraud departments instruct consumers to make Zelle transfers to recover allegedly stolen funds, causing the actual theft. Banks refuse to reverse these payments despite clear evidence of social engineering. The combination of real-time payment finality and inadequate bank fraud detection creates an unaddressed consumer protection gap.

2 mentions1 sources
S6.0L8
Security & Compliance · Fraud Prevention

AI agents can leak credentials without a security checkpoint

AI agents operating autonomously can inadvertently expose sensitive credentials during task execution, with no built-in guardrail to catch this before damage occurs. A builder created a checkpoint tool after experiencing this firsthand, highlighting a systemic gap in agentic AI security tooling.

1 mentions1 sources
S6.0L7
Security & Compliance · Identity & Access

Small Businesses Cannot Afford Security Guidance or Risk Assessment

Small businesses routinely handle sensitive customer data without any security program, policy, or expert guidance because enterprise security consulting is priced out of reach. Without a dedicated CISO or consultant, SMBs have no way to prioritize risks, respond to incidents, or meet client security expectations. A gap exists between free generic checklists and expensive enterprise compliance tools.

1 mentions1 sources
S6.0L7
Security & Compliance · Compliance & Audit

Netlify Takes Down Live Sites (Not Just Deploys) When Credits Expire

Netlify penalizes free-tier users by taking down live sites entirely when deploy credits run out, with no warning and no way to purchase credits without upgrading to paid plans. Two-factor authentication bugs can then lock developers out of their own accounts with no recourse. This creates a developer hostage scenario where the only escape is paying or losing access permanently.

1 mentions1 sources
S6.0L7
Developer Tools · DevOps & Infrastructure

Intercompany Matching and Eliminations Consume 3-5 Days of Every Financial Close Cycle

Multi-entity finance teams spend 3-5 days per close cycle manually matching intercompany transactions and performing eliminations across multiple rule types. This bottleneck delays financial reporting and creates significant error risk, with no purpose-built AI automation addressing the full workflow.

1 mentions1 sources
S6.0L7
Business Operations · Finance & Accounting

AI systems leak user data through indirect prompt injection

LLM-integrated applications can expose user data to third parties even when users provide no malicious input, due to prompt injection via untrusted content or model memorization. This is a structural vulnerability in how AI is embedded in SaaS products. Every team deploying LLMs without robust output filtering is at risk.

1 mentions1 sources
S6.0L8
Security & Compliance · Data Privacy

African developers blocked from AI APIs by Stripe-only payments and regional access barriers

Developers across Africa cannot access major AI APIs due to Stripe's limited African card support, regional access blocks requiring VPN workarounds, and high minimum payment thresholds. The barrier is payment infrastructure, not capability or demand. As Africa's developer population grows rapidly, the exclusion from global AI tooling compounds disadvantage.

1 mentions1 sources
S6.0L7
Developer Tools · AI & Machine Learning

Subscription charge continues after bank-confirmed payment method removal

Consumers remove payment methods through bank customer service but merchants retain pull authorization and continue charging. Bank confirmation of removal does not revoke merchant-stored payment credentials. The subscription economy lacks a reliable consumer-side cancellation enforcement mechanism.

1 mentions1 sources
S6.0L7
Consumer & Lifestyle · Personal Finance

Users Want Capable AI Without Cloud Subscriptions or Internet Dependency

Recurring subscription costs and mandatory cloud connectivity frustrate users who want reliable AI tools they can own outright. Existing local AI options like Ollama require significant technical setup, leaving non-developers without a practical offline alternative. Demand is growing as subscription fatigue intensifies across the consumer AI market.

1 mentions1 sources
S6.0L7
Developer Tools · AI & Machine Learning