You’ve likely heard of vibe coding and very well may have conducted an experiment or two yourself, enlisting Claude or some other AI tool to create a simple website or an interactive game. OpenAI cofounder Andrej Karpathy coined the phrase with a tweet in February 2025. In its simplest terms, vibe coding involves telling an AI program what you want to accomplish and having the AI create the code. It uses natural language provided by the user to generate the software.
Vibe coding is a truly revolutionary democratizer of software development. It allows anyone with a computer and a little imagination to come up with software that appears, at least on the surface, to do whatever you ask it to.
And therein lies the rub. Anyone in a company can potentially insert software inside that company's cybersecurity perimeter without the burden of any knowledge of how software works or what it may be designed to do beyond their clever prompt.
The AI program you are using doesn’t know or care—it’s loyally fulfilling its blindingly fast and blindingly oblivious pattern matching mission.
That amazing program you just created without ever having learned to write a line of code may contain world-class level spyware, viruses, or malware that can extract (i.e., exfiltrate) a company’s proprietary data or so-called SQL injections that can wreak havoc on your databases. The beautiful part from the bad actor’s point of view is they don’t need a back door: The blissfully ignorant employee importing the mystery code just swung the front doors wide open.
Source: Fast Company