Google is testing a vibe-coding app called Opal
Google's now become the latest to hop on this bandwagon: the company is testing a vibe-coding tool called Opal, available to users in the U.S. through Google Labs, which the company uses as a base to experiment with new tech.
Opal lets you create mini web apps using text prompts, or you can remix existing apps available in a gallery. All users have to do is in a description of the app they want to make, and the tool will then use different Google models to do so.
Once the app is ready, you can navigate into an editor panel to see the visual workflow of input, output, and generation steps. You can click on each workflow step to look at the prompt that dictates the process, and edit it if you need to. You can also manually add steps from Opal's toolbar.
Opal also lets users publish their new app on the web and share the link with others to test out using their own Google accounts.
Google's AI studio already lets developers build apps using prompts, but Opal's visual workflow indicates the company likely wants to target a wider audience.
The company joins a long list of competitors, including Canva, Figma, and Replit, that are making tools to encourage non-technical people to create prototypes of apps without having to do any coding.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
The Verge
27 minutes ago
- The Verge
Google Workspace is rolling out a security update to stop token stealing attacks
Google Workspace is launching a new security measure to help prevent the same type of account takeover attack that impacted Linus Tech Tips. The feature, which is rolling out in beta for Chrome users on Windows, is designed to block bad actors from remotely stealing the cookies that keep you logged into your Workspace account. Google calls the feature Device Bound Session Credentials (DBSC), and it does exactly what its name suggests: it protects users' Workspace accounts by binding session cookies, the temporary files that websites use to remember user information, to their devices. That makes it more difficult for attackers to carry out session token-stealing attacks, which often occur when a victim downloads information-stealing malware. From there, bad actors can exfiltrate a victim's login credentials to a remote server, allowing them to sign into their account from another device or sell their credentials. 'Because this theft occurs after a user has logged in, it bypasses many existing account protections like 2FA [two-factor authentication],' Google spokesperson Ross Richendrfer tells The Verge. 'Existing protections for this type of attack aren't very mature, so it's low-hanging fruit for attackers.' In 2023, a bad actor took over the YouTube channel for Linus Tech Tips, along with two other Linus Media Group accounts, after an employee downloaded a fake sponsorship offer containing cookie-stealing malware. This week, YouTube issued a warning about a similar scam involving creators downloading phony brand deals. YouTube isn't the only platform that we've seen impacted by cookie-stealing, either, as hackers hijacked several Chrome extensions last year, adding malware that exfiltrates session tokens for some websites. Google says there's been an 'exponential rise' in cookie and authentication token theft over the past couple of years, and that this 'trend has only intensified in 2025.' The company began working on DBSC last year, and said the verification platform Okta, as well as browsers like Microsoft Edge, have 'expressed interest' in the concept. Along with DBSC, Google recommends that Workspace administrators enable passkeys as well, which is now available to over 11 million customers. Posts from this author will be added to your daily email digest and your homepage feed. See All by Emma Roth Posts from this topic will be added to your daily email digest and your homepage feed. See All Google Posts from this topic will be added to your daily email digest and your homepage feed. See All News Posts from this topic will be added to your daily email digest and your homepage feed. See All Security Posts from this topic will be added to your daily email digest and your homepage feed. See All Tech
Forbes
27 minutes ago
- Forbes
Are Chatbots On The Verge Of Dethroning Google? Not So Fast
Chatbot adoption is surging, but nowhere near the entrenched role of search engines. One of the significant changes in my work style has been to utilize ChatGPT, Perplexity, Gemini, or other generative AI engines for search. I find them superior to traditional search engines when I am researching a topic or subject. In most cases, I opt for these tools instead of using Google's search engine the way I used to. On the other hand, I have not stopped using traditional search engines altogether. For example, I use Google to find new restaurants, product reviews, and more that directly address the topic and provide straightforward answers to a particular question. Due to my work, I primarily use generative AI programs for work and traditional search engines for more personalized data needs. However, there has been a lot of noise lately about AI chatbots like ChatGPT shaking up the search landscape, with some quick to declare the end of traditional search engines. But if you look beyond the headlines and dive into the numbers, it's clear that Google's dominance remains unassailable for now. Recent traffic data from a study by for April 2023 through March 2025 paints a striking picture. Google clocked an astonishing 1.63 trillion visits—an average of 136.0 billion per month and 4.7 billion per day. By comparison, ChatGPT, despite its meteoric rise and much-hyped innovation, attracted "only" 47.7 billion visits over the same period, translating to about 4.0 billion per month and 185.2 million per day. Chatbots vs Search Engines Do the math, and you see Google still commands over 26 times the daily traffic of ChatGPT. This traffic isn't just momentum—it's scale. The gap between classic search and generative AI chatbots is vast. While chatbot adoption is surging, it's nowhere near disrupting the entrenched role of search engines as the web's default gateway. Key Takeaways at a Glance: But will this always be the case? Currently, Google Search remains the king of the search market. However, one specific generative AI product, Perplexity, appears to be designing its program to resemble a traditional search engine, and many investors are backing them for this reason. Perplexity delivers AI-powered answers in a conversational format, synthesizing information from reputable sources and displaying relevant citations. In practice, this experience is more about augmenting user intelligence than simply listing ten blue links. The traction Perplexity is gaining—millions of queries daily—is evidence that users increasingly want direct, helpful answers rather than endless hunting through results. Yet, its overall volume still trails Google's by orders of magnitude; today's AI engines are maybe a "Swiss Army knife" for information, but not yet the digital metropolis that Google has become. What Sets Perplexity Apart Perplexity's strengths are clear: I recently wrote a piece here in Forbes about Perplexity's Comet browser intergrating AI into the browser itself and its impact on traditional search engines. While I proposed the possibility of its impact on traditional search engines, with this data above, it seems that even AI integrated browsers are no real match to replace mainstream browsers anytime soon. As I point out, AI browsers could have an impact on the future of search, but keep in mind that Google, while not creating a dedicated AI browser yet, have integrated its Gemini AI engine into Chrome and you can already see they are heading in a similar direction of Perplexity's Comet. The data above shows that even as chatbot traffic surges, traditional search engines remain essential for billions of users, and search platforms are rapidly folding AI features into their workflows. What's more likely: we're witnessing the convergence of two paradigms. AI-driven engines like Perplexity will push Google, Bing, and their ilk to further integrate generative models, making the old lines between "search engine" and "AI assistant" obsolete. In essence, while AI chatbots are advancing rapidly and carving out a significant niche, Google's position as the go-to search tool remains largely unchallenged. For those keeping score, noise doesn't equal disruption—at least, not yet. Disclosure: Google subscribes to Creative Strategies research reports along with many other high tech companies around the world.
Forbes
27 minutes ago
- Forbes
Gmail Warns 2.5 Billion Users — Update Accounts Now As Attacks Surge
Change your Gmail password now — Google warns users. It's official: Google accounts are under attack, and those attacks have spiked by an incredible amount. According to Google itself, it observed an 84% increase in Gmail two-factor authentication bypass attacks across 2024 and has now confirmed that this 'has only intensified in 2025.' When it comes to the bigger picture, phishing and credential theft are now behind more than a third of all successful Google account attacks. But Google has been fighting back, and a July 29 announcement outlines a new security protection being offered to some, along with a warning for all users to change their passwords now. Change Your Gmail Password Now As Attacks Escalate It is always refreshing to hear the largest of tech companies being honest about the security challenges they face, and Google certainly falls into this category. More so when you are talking about Gmail, with some 2.5 billion users worldwide, and under constant attack, like all large email platforms, from threat actors looking to compromise accounts. 'Attackers are intensifying their phishing and credential theft methods,' Andy Wen, senior director of product management at Google has warned, 'which drive 37% of successful intrusions.' What's more, Wen continued, 'we've seen an exponential rise in cookie and authentication token theft as a preferred method for attackers.' Thankfully, the Google announcement does not stop there. Instead, it shares account security enhancements to mitigate just these types of attacks. While the Google announcement itself is directed at Google Workspace customers specifically, the first of the recommendations forms a warning that all 2.5 billion Gmail users should heed: update your account from using a password to a passkey. The 'enhancement' that Google is referring to here is that such passkeys support is now available, with 'expanded admin capabilities to audit enrollment and restrict passkeys to physical security keys,' to more than 11 million Google Workspace customers. That's important, of course, but please make the change from password to passkey regardless of whether you are using a paid-for or free Gmail account. The attackers, I can assure you, couldn't care less. The other advice is strictly for those Workspace customers, however, and comes by way of an open beta of Device Bound Session Credentials to protect against those 2FA cookie bypass attacks mentioned earlier, as well as another beta, a shared signals framework, that will be offered to 'select customers and partners' later this year. 'These advancements can meaningfully enhance account security,' Wen said, 'marking a major step forward in defending against account takeovers for Google Workspace customers.' Device Bound Session Credentials provide users with enhanced post-authentication protection, Wen explained, by helping to ensure that only the originating device can access the active session which, therefore, reduces the risk of cookie theft and 2FA bypass. DBSC also provides stronger sessions integrity, Google said, by bolstering protections with 'more granular account attributes when used together with context-aware access, even if an attacker obtains login credentials after the initial login.' Why All Users Should Update Gmail Accounts To Use Passkey Protection The benefits of passkeys compared to passwords are no secret, and have been put forward time and time again. Wen has reinforced the greater security that can be offered by making this one simple change: 'Unlike passwords, which can be guessed, stolen, or forgotten, passkeys are unique digital credentials tied to a user's device.' Here are three reasons why Google wants all users to switch to passkey technology, and switch now: So, what are you waiting for? Take note of the Google warning and update your Gmail account security now.
