Technologist Mag
  • Home
  • Tech News
  • AI
  • Apps
  • Gadgets
  • Gaming
  • Guides
  • Laptops
  • Mobiles
  • Wearables
  • More
    • Web Stories
    • Trending
    • Press Release

Subscribe to Updates

Get the latest tech news and updates directly to your inbox.

What's On

Yacht Club Games Delays Mina The Hollower

6 October 2025

WIRED Roundup: The New Fake World of OpenAI’s Social Video App

6 October 2025

Assassin’s Creed Mirage Is Getting A Free Story Expansion Next Month

6 October 2025

This 16-Inch Laptop Just Won Best Buy’s Techtober Sale

6 October 2025

OpenAI Wants ChatGPT to Be Your Future Operation System

6 October 2025
Facebook X (Twitter) Instagram
Facebook X (Twitter) Instagram
Technologist Mag
SUBSCRIBE
  • Home
  • Tech News
  • AI
  • Apps
  • Gadgets
  • Gaming
  • Guides
  • Laptops
  • Mobiles
  • Wearables
  • More
    • Web Stories
    • Trending
    • Press Release
Technologist Mag
Home » Vibe Coding Is the New Open Source—in the Worst Way Possible
Tech News

Vibe Coding Is the New Open Source—in the Worst Way Possible

By technologistmag.com6 October 20253 Mins Read
Share
Facebook Twitter Reddit Telegram Pinterest Email

Just like you probably don’t grow and grind wheat to make flour for your bread, most software developers don’t write every line of code in a new project from scratch. Doing so would be extremely slow and could create more security issues than it solves. So developers draw on existing libraries—often open source projects—to get various basic software components in place.

While this approach is efficient, it can create exposure and lack of visibility into software. Increasingly, however, the rise of vibe coding is being used in a similar way, allowing developers to quickly spin up code that they can simply adapt rather than writing from scratch. Security researchers warn, though, that this new genre of plug-and-play code is making software-supply-chain security even more complicated—and dangerous.

“We’re hitting the point right now where AI is about to lose its grace period on security,” says Alex Zenla, chief technology officer of the cloud security firm Edera. “And AI is its own worst enemy in terms of generating code that’s insecure. If AI is being trained in part on old, vulnerable, or low-quality software that’s available out there, then all the vulnerabilities that have existed can reoccur and be introduced again, not to mention new issues.”

In addition to sucking up potentially insecure training data, the reality of vibe coding is that it produces a rough draft of code that may not fully take into account all of the specific context and considerations around a given product or service. In other words, even if a company trains a local model on a project’s source code and a natural language description of goals, the production process is still relying on human reviewers’ ability to spot any and every possible flaw or incongruity in code originally generated by AI.

“Engineering groups need to think about the development lifecycle in the era of vibe coding,” says Eran Kinsbruner, a researcher at the application security firm Checkmarx. “If you ask the exact same LLM model to write for your specific source code, every single time it will have a slightly different output. One developer within the team will generate one output and the other developer is going to get a different output. So that introduces an additional complication beyond open source.”

In a Checkmarx survey of chief information security officers, application security managers, and heads of development, a third of respondents said that more than 60 percent of their organization’s code was generated by AI in 2024. But only 18 percent of respondents said that their organization has a list of approved tools for vibe coding. Checkmarx polled thousands of professionals and published the findings in August—emphasizing, too, that AI development is making it harder to trace “ownership” of code.

Share. Facebook Twitter Pinterest LinkedIn Telegram Reddit Email
Previous ArticleThe Best Dehumidifiers for Keeping Cool and Dry
Next Article As the Right Leans Into ‘Warrior’ Culture, Some Leftist Gym Bros Are Pushing Back

Related Articles

WIRED Roundup: The New Fake World of OpenAI’s Social Video App

6 October 2025

This 16-Inch Laptop Just Won Best Buy’s Techtober Sale

6 October 2025

OpenAI Wants ChatGPT to Be Your Future Operation System

6 October 2025

OpenAI’s Blockbuster AMD Deal Is a Bet on Near-Limitless Demand for AI

6 October 2025

Taking These 50 Objects Out of Orbit Would Cut Danger From Space Junk in Half

6 October 2025

Autism Is Not a Single Condition and Has No Single Cause, Scientists Conclude

6 October 2025
Stay In Touch
  • Facebook
  • Twitter
  • Pinterest
  • Instagram
  • YouTube
  • Vimeo

Subscribe to Updates

Get the latest tech news and updates directly to your inbox.

Don't Miss

WIRED Roundup: The New Fake World of OpenAI’s Social Video App

By technologistmag.com6 October 2025

Manisha Krishnan: Yeah, this season has … I mean, this is the first time I’ve…

Assassin’s Creed Mirage Is Getting A Free Story Expansion Next Month

6 October 2025

This 16-Inch Laptop Just Won Best Buy’s Techtober Sale

6 October 2025

OpenAI Wants ChatGPT to Be Your Future Operation System

6 October 2025

The Big List Of Upcoming Video Game Remakes

6 October 2025
Technologist Mag
Facebook X (Twitter) Instagram Pinterest
  • Privacy
  • Terms
  • Advertise
  • Contact
© 2025 Technologist Mag. All Rights Reserved.

Type above and press Enter to search. Press Esc to cancel.