Vibe Coding Security
The big picture: why AI builders optimize for “it works” over “it’s secure,” what the research and the breaches show, and the checklist to ship without leaving the door open.
7 articles
Vibe Coding Security: The Complete Guide
Vibe coding security, explained for non-developers. Why AI-built apps ship with leaks, the main risk classes, and how to check your own app in minutes.
45% of AI-Generated Code Ships With a Vulnerability: The Research
AI-generated code security, by the numbers. Four studies — Veracode, Carnegie Mellon, Escape.tech, Tenzai — on how often AI code ships with a vulnerability.
DAST vs SAST for AI-Generated Apps (and Why Deployed-App Scanning Wins)
DAST vs SAST for AI-built apps: a security scanner for AI code should test the deployed app, not just read source. Here's why deployed-app scanning catches more.
Is Your Vibe-Coded App Leaking Data? The 7 Gaps in Every AI-Built App
Worried your vibe-coded app is leaking data? Here are the 7 security gaps that show up in nearly every AI-built app — and how to check each one yourself.
The Pre-Launch Security Checklist for Vibe-Coded Apps
A vibe coding security checklist for non-developers: the database, secrets, storage, auth, and header checks to run before you ship your AI-built app. Print and go.
The Vibe-Coding Breach Timeline: Enrichlead, Tea, Base44, Moltbook
A timeline of the biggest vibe coding breaches — Enrichlead, Tea, Base44, Moltbook. What happened, the real root cause, and the lesson behind each AI app breach.
Why AI Optimizes for 'It Works,' Not 'It's Secure'
Why is AI code insecure? Because models optimize for code that runs and demos well, not code that's safe. The mechanism behind AI code security problems, explained.