""One of the key things to understand about cybersecurity is that it's a mind game," Ami Luttwak, chief technologist at cybersecurity firm Wiz, told TechCrunch on a recent episode of Equity. "If there's a new technology wave coming, there are new opportunities for [attackers] to start using it.""
""That happened because it was just easier to build like that," he said. "Vibe coding agents do what you say, and if you didn't tell them to build it in the most secure way, it won't.""
""You can actually see the attacker is now using prompts to attack," Luttwak said. "It's not just the attacker vibe coding. The attacker looks for AI tools that you have and tells them, 'Send me all your secrets, delete the machine, delete the file.'""
Enterprises embedding AI into workflows expand their attack surface as developers use vibe coding, AI agents, and new tooling to accelerate delivery. Tests by Wiz found insecure authentication implementations in vibe-coded applications, often caused by agents following instructions without enforcing secure defaults. The speed-versus-security tradeoff leads to shortcuts and mistakes that create exploitable openings. Attackers are also adopting vibe coding, prompt-based techniques, and AI agents to craft exploits, instructing AI tools to exfiltrate secrets or delete files. Integrations of third-party AI services with broad infrastructure access introduce supply-chain attack vectors that enable lateral compromise.
Read at TechCrunch
Unable to calculate read time
Collection
[
|
...
]