Explore Problems

Showing 1,191 of 6,918 problems · matching your filters

Termius SSH Client Routes Private Keys Through Their Cloud by Default

Termius, a popular cross-platform SSH client, syncs private SSH keys through their own infrastructure as part of its default sync feature. Developers using Termius unknowingly expose private keys to a third-party cloud service, with no prominent disclosure or easy opt-out.

1 mentions1 sources
S6.1L7
Security & Compliance · Identity & Access

VSCode Extension Marketplace Breach Disclosure Withholds Extension Names

A malicious VSCode extension breached 3,800 GitHub repos, but breach disclosures do not name the specific extension. Developers with dozens of installed extensions cannot self-audit or remove the threat without this information, exposing the structural trust problem in extension marketplaces.

1 mentions1 sources
S6.1L7
Security & Compliance · Application Security

Auto Manufacturers Refuse Buybacks for Vehicles With Multiple Safety Recalls

Consumers who purchase vehicles that accumulate multiple safety recalls within months of purchase cannot get the manufacturer to honor a buyback, leaving them financially bound to a defective and potentially dangerous vehicle. Lemon law protections exist on paper but manufacturers exploit procedural gaps and time requirements to avoid compliance. The consumer has no expedient remedy other than CFPB complaints or litigation.

1 mentions1 sources
S6.1L7
Industry Verticals · Automotive

Wave of retiring insurance agency owners with no succession plan

Approximately 30,000 US insurance agency owners are approaching retirement age with no formal succession plan in place and no pipeline of qualified buyers. The average agency owner is 59, creating a compressed timeline for exits that the current M&A infrastructure is not equipped to handle at scale. This creates a structural gap for acquisition platforms, brokers, and transition advisors.

1 mentions1 sources
S6.1L7
Industry Verticals · Insurance

Telecom Promotional Promises Go Unfulfilled and Overbilling Persists for Months

AT&T and similar carriers promise promotional credits during upgrades but fail to deliver them despite confirmed device returns, forcing months of fruitless support calls. Simultaneous overbilling compounds the financial harm. The dispute process is designed to exhaust customers into abandoning claims.

1 mentions1 sources
S6.1L7
Industry Verticals · Telecom & Utilities

Early-stage founders lack CFO-quality financial insight without a full-time CFO

Founders spend hours monthly wrestling with spreadsheets and chasing bookkeepers to answer basic runway questions, especially at high-stakes moments like board meetings. CFO-level financial clarity is inaccessible to companies that can't afford a full-time hire.

1 mentions1 sources
S6.1L7
Business Operations · Finance & Accounting

No Alerts When Users Stop Converting — Infra Stays Green

Startups can lose users silently for hours when infra metrics look healthy but user-facing flows are broken. Existing monitoring tools alert on server errors and latency but miss behavioral anomalies like signup drop-offs or checkout abandonment. Engineering teams only discover these failures through manual review or user complaints.

1 mentions1 sources
S6.1L7
Developer Tools · DevOps & Infrastructure

SCA Tools Only Check CVEs and Miss Unmaintained or Abandoned Package Risk

Software composition analysis tools scan for known CVEs but fail to detect packages where maintainers have abandoned the project, creating silent supply chain risk. A lifecycle-aware dependency checker that flags EOL and abandoned packages fills a critical gap in application security workflows.

1 mentions1 sources
S6.1L7
Security & Compliance · Application Security

HomeAdvisor unverified leads and locked exit with steep cancellation penalties

HomeAdvisor provides leads that do not intend to hire, often have no real project, or are seeking free estimates only, and when contractors attempt to leave the platform they face cancellation fees up to $1,200. The service monetizes the lock-in rather than lead quality.

3 mentions1 sources
S6.1L7
Marketing & Growth · Lead Generation

Insurance Companies Using Out-of-Market Comparables to Suppress Total Loss Payouts

When processing total loss claims, insurers systematically use vehicle comparables from distant markets and mismatched configurations to justify lower settlement offers. Even after regulators confirm valuation errors, insurers adjust other data points to maintain the same suppressed payout rather than correcting the figure. Policyholders lack independent tools to verify whether comparable vehicles used are geographically and configurationally appropriate.

1 mentions1 sources
S6.1L7
Industry Verticals · Insurance

Technical Hiring Signals Break Down When AI Can Solve Any Coding Challenge

Engineering managers struggle to evaluate developer candidates because AI tools can complete any algorithmic coding challenge on demand, nullifying the primary screening signal. The problem affects every tech company hiring engineers and is intensifying as AI coding tools improve. No broadly validated alternative evaluation framework has emerged yet.

1 mentions1 sources
S6.1L7
Business Operations · HR & Hiring

Docker Containers Default to Excessive Capabilities and No Limits

Docker ships containers with the full default Linux capability set and no memory or PID limits, giving any compromised container far more system access than it needs. Most operators running self-hosted stacks never audit these defaults because nothing breaks — until it does. Dropping capabilities and setting resource ceilings is a straightforward mitigation that remains largely unknown outside security-specialist circles.

1 mentions1 sources
S6.1L7
Security & Compliance · Fraud Prevention

SaaS billing and feature entitlements require engineering for every change

SaaS products—particularly AI-native tools where costs scale with tokens or compute—cannot implement usage-based billing without significant custom code for metering, feature access gating, subscription state mirroring, and pricing change logic. The absence of a turnkey abstraction layer means every team solves the same engineering problem independently, with billing errors directly eroding margin in real time.

1 mentions1 sources
S6.1L7
Business Operations · Payments & Billing

AI Coding Tools Systematically Miss Security Vulnerabilities in Generated Code

AI coding assistants like Claude Code and Cursor optimize for code that compiles, not code that is secure, consistently missing OWASP-class vulnerabilities like magic-byte validation gaps and SVG XSS. Security-focused MCP agents that enforce SDLC checkpoints at key development phases can catch what standard AI coding tools miss. This is a structural gap affecting any team using AI-assisted coding for production systems.

1 mentions1 sources
S6.1L7
Security & Compliance · Fraud Prevention

Customer Success Teams Drown in Context Hunting Across Fragmented Tools

Post-sales and customer success teams spend excessive time manually gathering account context from CRM, support, product, billing, and communication tools. This admin tax prevents proactive account management, leading to silent churn, missed upsells, and inability to monitor account health at scale. The problem is universal in recurring revenue businesses but underserved by accessible, affordable tooling.

1 mentions1 sources
S6.1L7
Business Operations

B2B Contact Data Decays Too Fast for Timing-Sensitive Outreach

Sales prospecting tools like Apollo and Clay rely on static enrichment databases that quickly become stale, causing outreach to hit outdated emails, wrong job titles, and departed contacts. Teams running timing-sensitive campaigns — hiring triggers, funding announcements, product launches — need live web research at query time to act on signals before they expire. No major tool currently solves real-time enrichment at scale.

1 mentions1 sources
S6.1L8
Business Operations · Sales & CRM

AI Is Collapsing Expensive Incumbent SaaS Sales Stacks into Affordable Unified Platforms

Enterprise sales stacks built on tools like ZoomInfo and Outreach cost $40k+ per year for small teams, while AI-native platforms are bundling data, sequencing, and signals for $100-150/seat/month. This disruption creates massive displacement risk for incumbents and opportunity for consolidated alternatives.

1 mentions1 sources
S6.1L8
Marketing & Growth · Lead Generation

Doctors Lose Hours Per Shift to Repetitive Prescription and Clinical Note Entry

Physicians in urgent care, primary care, and ER settings spend excessive time re-entering the same prescriptions, notes, and care plans across patient visits, consuming time that could be spent on patient care. AI-assisted templating and voice-to-text clinical documentation tools address this critical workflow bottleneck.

1 mentions1 sources
S6.1L8
Industry Verticals · Healthcare & Wellness

Shopify removes native features in updates to force merchants into paid app subscriptions

Shopify platform updates routinely remove or degrade previously available native functionality, with the removal justified by directing merchants to third-party apps. Merchants accumulate a fragmented stack of app subscriptions for features that were previously built-in, with each app adding monthly costs and an independent support relationship. When the combined stack breaks, neither Shopify nor individual app vendors accept accountability for the interaction.

2 mentions1 sources
S6.1L7
Business Operations · E-commerce Operations

Shopify gates basic ecommerce features behind mandatory paid app subscriptions

Shopify deliberately excludes standard ecommerce functionality from its core platform, requiring merchants to purchase third-party apps for features competitors bundle as standard. Monthly app costs compound into hundreds of dollars per month on top of Shopify's own fees. During outages or billing disputes, merchants face fragmented accountability with Shopify and each app vendor disclaiming responsibility for the combined failure.

2 mentions1 sources
S6.1L7
Business Operations · E-commerce Operations