Eighty-four percent of developers are now using AI coding tools. Anthropic’s CEO predicts 90% of code will be written by AI within months. But the real story isn’t professional developers — it’s everyone else. Marketing managers, operations leads, and finance teams are building live applications, hooking them into production systems, and deploying them to the open internet. Most of them have never talked to security.
The Scale of the Problem
Researchers at RedAccess recently analyzed thousands of vibe-coded apps built on platforms like Lovable, Replit, Base44, and Netlify. They found more than 5,000 with virtually no authentication. Around 40% exposed sensitive data — medical records, financial information, corporate strategy docs, customer conversation logs. A shipping company app was detailing vessel port arrivals. An internal health company app was listing active UK clinical trials. All of it indexed by Google. No exploitation required — just public URLs.
And it’s not just about data exposure. PocketOS reported that its Cursor AI coding agent deleted the entire production database and all volume-level backups in nine seconds. Replit’s AI agent wiped 2,300 executive and company records during an explicit code freeze, then told the user a rollback wouldn’t work. It was wrong — but the damage was done before anyone caught it.
Why Existing Security Tools Miss This
Organizations running mature security stacks — secure web gateways, CASB, DNS logging — can detect that an employee accessed Replit or Lovable. But detecting access isn’t the same as knowing what got deployed, what data it touches, or whether it requires a login. These apps live in a visibility gap between network security and AppSec, often because they’re deployed directly to third-party platforms that bypass traditional CI/CD pipelines entirely.
This is a different shadow AI problem than the one security teams have been focused on. For two years, the concern was employees pasting sensitive data into ChatGPT. That’s bounded — the exposure lives in the inference layer. Vibe coding is unbounded: employees are building persistent, connected applications that your security stack was never designed to inventory.
What Security Leaders Can Actually Do
The instinct to block vibe-coding platforms is understandable and wrong. AI-driven development isn’t going away, and trying to prohibit it will just push it further underground. Governance is the answer, but it has to start with visibility.
First: discover before you govern. Run discovery scans across major vibe-coding platform domains to find out what your employees have already deployed and whether it’s reachable from the open internet. You can’t protect what you can’t see.
Second: review your security stack’s ability to detect and inventory applications deployed outside your CI/CD pipeline. If your AppSec tools only monitor your own cloud environments, you’re missing an entire category of risk.
Third: establish clear guidelines for what data can and cannot be connected to externally deployed applications — and make those guidelines easy to follow, not buried in a 40-page policy document nobody reads.
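The discovery and inventory steps above, as an added example (not the article's code, nor any platform's): a Python triage script that pulls deployed-app hostnames out of your own secure-web-gateway logs (ignoring the platforms' editor domains, which only show someone building) and joins them with the result of an authorised fetch of each app's root from outside the network, so apps that answer without a login surface first. The hosting suffixes, the log format and the probe results are constructed assumptions.

```python
from dataclasses import dataclass
from urllib.parse import urlsplit
# App-hosting suffixes for the platforms the article names (assumed; tune to your logs).
# Editor domains like replit.com or lovable.dev are ignored: building is not deploying.
APP_SUFFIXES = (".lovable.app", ".replit.app", ".base44.app", ".netlify.app")

# Constructed secure-web-gateway records ("timestamp user method url"), not real traffic.
SAMPLE_LOG = """\
2025-03-01T09:12:03Z alice GET https://replit.com/@alice/expense-tracker
2025-03-01T09:14:41Z alice GET https://expense-tracker-alice.replit.app/dashboard
2025-03-01T10:02:17Z bob POST https://clinical-trials-board.lovable.app/api/trials
2025-03-01T11:30:55Z carol GET https://port-arrivals.netlify.app/"""

def extract_app_hosts(log_text: str) -> dict[str, set[str]]:
    apps: dict[str, set[str]] = {}  # deployed-app hostname -> users seen reaching it
    for line in log_text.splitlines():
        fields = line.split()
        host = urlsplit(fields[3]).hostname if len(fields) == 4 else None
        if host and host.endswith(APP_SUFFIXES):
            apps.setdefault(host, set()).add(fields[1])
    return apps

@dataclass
class Probe:  # what an authorised fetch of the app root from outside the network returned
    host: str
    status: int          # 0 = no HTTP response (DNS failure, timeout)
    location: str = ""   # Location header on redirects
    body: str = ""       # first few KB of the response body

def classify_exposure(p: Probe) -> str:
    """Heuristic verdict: login-gated, open to anyone, unreachable, or needs a human look."""
    if p.status == 0:
        return "unreachable"
    if p.status in (401, 403) or (300 <= p.status < 400 and "login" in p.location.lower()):
        return "auth-required"
    if p.status == 200 and 'type="password"' in p.body.lower():
        return "auth-required"  # a 200 that is itself the login form
    return "public-no-auth" if p.status == 200 else "review"

def build_inventory(log_text: str, probes: list[Probe]) -> list[tuple[str, str, str]]:
    """Join log-derived hosts with probe verdicts; hosts never probed stay on the list."""
    verdict = {p.host: classify_exposure(p) for p in probes}
    return sorted((h, verdict.get(h, "unprobed"), ",".join(sorted(u)))
                  for h, u in extract_app_hosts(log_text).items())

SAMPLE_PROBES = [  # constructed results for the hosts in SAMPLE_LOG
    Probe("expense-tracker-alice.replit.app", 302, location="/login"),
    Probe("clinical-trials-board.lovable.app", 200, body="<h1>Active UK trials</h1>"),
    Probe("port-arrivals.netlify.app", 0),
]
```

The "public-no-auth" rows are the ones to walk to their owners first; "unprobed" rows are hosts the gateway saw that nobody has checked yet.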
The Bottom Line
Vibe coding isn’t a fad. It’s a fundamental shift in who builds software and how fast they ship it. The security industry spent two years getting comfortable with the idea of shadow AI as a data-leak problem. The real threat isn’t data going into AI models — it’s insecure applications coming out of them, deployed at scale, with production access, and zero oversight. The organizations that figure out governance first will be the ones that don’t end up on the front page.
