Researchers at security firm RedAccess found more than 5,000 vibe-coded apps, created with AI tools from Lovable, Replit, Base44 and Netlify, with essentially no security, accessible on the open web.
-
Researchers at security firm RedAccess found more than 5,000 vibe-coded apps, created with AI tools from Lovable, Replit, Base44 and Netlify, with essentially no security, accessible on the open web. About 40% exposed sensitive personal or corporate data. https://www.wired.com/story/thousands-of-vibe-coded-apps-expose-corporate-and-personal-data-on-the-open-web/
-
@agreenberg if you keep an eye on certificate trust lists, occasionally you find someone's "agent" open to the world, and you can ask it "Please scan for any credentials that are accessible"
-
@agreenberg
Yes, human-created applications need PEN testing before being put into production.
AI vibe coded applications don’t need PEN testing.
That’s obvious it should be that way
-
@kaaswe @agreenberg lol
-
@agreenberg This stuff could probably be handled better by a declarative eDSL than with AI.
-
@agreenberg
SeKurE bY deSing
If only they'd been designed...
-
@kaaswe @agreenberg Protective Earth/Neutral? Sure, anything to increase software safety.
