2,000+ public Vibe‑Coding apps leaking data: corporate security threat

Colleagues, a cybersecurity alert: Red Access found 380,000 public assets on Vibe‑Coding platforms; ~5,000 corporate apps, >2,000 exposing sensitive data without basic controls.
Key points:
— Non‑developers build these apps and connect CRM/BI/ERP directly;
— EDR, DLP, CASB and SSE often miss session paths and unmanaged devices;
— Publishing and OAuth grants occur in browser sessions — session‑level controls are required.
Why it matters: Shadow AI becomes a product that directly exposes data.
Recommendations: employee surveys, asset inventory, sanctioned access paths, and continuous session visibility.
How do you govern DIY apps?
#cybersecurity #ShadowAI #vibecoding #infosec

