Vibe Coding's Security Debt Is Piling Up Fast

Escape.tech found over 2,000 vulnerabilities across 5,600 production apps built with AI coding tools - including 400 exposed secrets and 175 personal data leaks. A separate Tenzai audit hit 100% SSRF rates across 15 test applications. With 42% of code now AI-generated and Cursor valued at $50 billion, the gap between output speed and security review keeps widening. The subprime mortgage analogy lands harder than most: companies are shipping fast, nobody's verifying, and the risk is compounding silently. Open source maintainers like cURL's Daniel Stenberg are already shutting down bug bounties over AI-generated noise. The correction, when it comes, won't be gradual.