{"id":7709,"date":"2025-06-04T15:52:49","date_gmt":"2025-06-04T20:52:49","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=84765"},"modified":"2025-06-04T15:52:49","modified_gmt":"2025-06-04T20:52:49","slug":"vibe-coding-is-here-to-stay-can-it-ever-be-secure","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2025\/06\/04\/vibe-coding-is-here-to-stay-can-it-ever-be-secure\/","title":{"rendered":"Vibe coding is here to stay. Can it ever be secure?\u00a0"},"content":{"rendered":"<p><head> <meta charset=\"UTF-8\"> <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\"> <meta name=\"robots\" content=\"index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1\"> <!-- This site is optimized with the Yoast SEO Premium plugin v24.5 (Yoast SEO v24.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ --> <title>Vibe coding is here to stay. Can it ever be secure?&nbsp; | CyberScoop<\/title> <meta name=\"description\" content=\"Multiple studies show that AI-generated code is remarkably insecure. Yet experts tell CyberScoop it's up to industry to figure out a way to limit the issues the technology introduces.&nbsp;&nbsp;\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/vibe-coding-ai-cybersecurity-llm\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Vibe coding is here to stay. Can it ever be secure?&nbsp;\"> <meta property=\"og:description\" content=\"Multiple studies show that AI-generated code is remarkably insecure. 
Yet experts tell CyberScoop it's up to industry to figure out a way to limit the issues the technology introduces.&nbsp;&nbsp;\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/vibe-coding-ai-cybersecurity-llm\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2025-06-04T20:52:49+00:00\"> <meta property=\"article:modified_time\" content=\"2025-06-04T20:52:52+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/06\/vibe-coding-is-here-to-stay-can-it-ever-be-secure-2.jpg\"> <meta property=\"og:image:width\" content=\"7008\"> <meta property=\"og:image:height\" content=\"4672\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"djohnson\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@CyberScoopNews\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\"> <!-- \/ Yoast SEO Premium plugin. 
--> <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1746040294g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1748637685g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1748220166g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/84765\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.8.1\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=84765\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fvibe-coding-ai-cybersecurity-llm%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" 
href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fvibe-coding-ai-cybersecurity-llm%2F&amp;format=xml\"> <!-- Google Tag Manager --> <!-- End Google Tag Manager --> <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-84765 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/vibe-coding-ai-cybersecurity-llm\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--event js-stickybar\">\n<div class=\"stickybar__details\" readability=\"4.9180327868852\">\n<div class=\"stickybar__info js-sticky-bar-content\" readability=\"32\">\n<p>Voting is open for the 2025 CyberScoop 50 awards!<\/p>\n<\/div>\n<p> <a class=\"stickybar__link button button-tertiary\" href=\"https:\/\/cyberscoop.com\/cyberscoop50\/\">Click here!<\/a> <\/div>\n<p> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> 
<svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.489406779661\">\n<div class=\"single-article__header-content\" readability=\"30.8\">\n<p> Research shows that AI-generated code is remarkably insecure. Yet experts tell CyberScoop it&#8217;s up to industry to figure out a way to limit the issues the technology introduces.&nbsp;&nbsp; <\/p>\n<p> <!-- Listen to this article section --> <!-- End of audio player --> <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/06\/vibe-coding-is-here-to-stay-can-it-ever-be-secure.jpg?resize=640%2C426&#038;ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/06\/vibe-coding-is-here-to-stay-can-it-ever-be-secure-2.jpg 7008w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/06\/vibe-coding-is-here-to-stay-can-it-ever-be-secure-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/06\/vibe-coding-is-here-to-stay-can-it-ever-be-secure-2.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/06\/vibe-coding-is-here-to-stay-can-it-ever-be-secure-2.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/06\/vibe-coding-is-here-to-stay-can-it-ever-be-secure-2.jpg?resize=1536,1024 1536w, 
https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/06\/vibe-coding-is-here-to-stay-can-it-ever-be-secure-2.jpg?resize=2048,1365 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/06\/vibe-coding-is-here-to-stay-can-it-ever-be-secure-2.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/06\/vibe-coding-is-here-to-stay-can-it-ever-be-secure-2.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/06\/vibe-coding-is-here-to-stay-can-it-ever-be-secure-2.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/06\/vibe-coding-is-here-to-stay-can-it-ever-be-secure-2.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/06\/vibe-coding-is-here-to-stay-can-it-ever-be-secure-2.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> Research shows that AI-generated code is remarkably insecure. Yet experts tell CyberScoop it&#8217;s up to industry to figure out a way to limit the issues the technology introduces.&nbsp;&nbsp;(Image Source: Getty) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"109.44766759903\"><body readability=\"219.86779918383\"><\/p>\n<p>Software powers the world, and soon, the bulk of the work making it may be done by machines.<\/p>\n<p>As generative AI tools have gotten more proficient at coding, their use in software development has exploded. 
Proponents say the tools have made it dramatically easier for individual entrepreneurs or companies to create the kind of slick, professional-looking websites and applications that used to be achievable only by multimillion-dollar enterprises, at a fraction of the cost.<\/p>\n<p>But in many cases, this AI-directed approach to software development appears to come with real security tradeoffs.<\/p>\n<p>\u201cVibe coding\u201d is <a href=\"https:\/\/www.merriam-webster.com\/slang\/vibe-coding\">loosely defined<\/a> as someone putting trust in AI\u2019s capability to correctly develop software. Essentially, it means the developer \u201cforgets that the code even exists,\u201d leaving the bulk of the work to AI, as the human focuses on more abstract or higher-level problem-solving.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Experts remain deeply concerned about the cybersecurity weaknesses inherent in vibe coding. Yet nearly everyone CyberScoop spoke with for this story agreed on one thing: regardless of their feelings on the wisdom of the practice, software that is partially or entirely generated by AI is not going anywhere.<\/p>\n<p>LLM tools are easy to use and so widely dispersed that security concerns are unlikely to slow down momentum when the technology allows for users with little technical background to build entire websites or applications with a few prompts. Casey Ellis, founder and advisor for Bugcrowd, called the broad adoption of vibe coding \u201cinevitable,\u201d even as he acknowledges the potential security pitfalls.<\/p>\n<p>\u201cTo me, that\u2019s just sort of the march of technology, full stop,\u201d Ellis said. 
\u201cI do think it\u2019s fundamentally a good thing because \u2026 it gives more people access to be in a position where they can build stuff and the more ideas that are off the leash, the better for everyone, right?\u201d<\/p>\n<p>The flip side, he said, is that \u201cspeed is the natural enemy of quality and security and scalability\u201d in software development.<\/p>\n<p>He also posited that software built before the advent of generative AI, where workers routinely have high workloads and must meet unrealistic deadlines, has not exactly proven that code built solely by humans automatically leads to more secure software.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>While secure coding practices are important, the total software attack surface is a probabilistic function of the number of lines of code that exist in the world. What LLMs do really well, Ellis noted, is&nbsp; \u201chelp people generate lots of lines of code very quickly.\u201d<\/p>\n<p>Many sources CyberScoop spoke with saw a difference between using an AI coding assistant during the development process and vibe coding.&nbsp;<\/p>\n<p>The former is fast becoming standard practice in the software development world. A <a href=\"https:\/\/github.blog\/news-insights\/research\/survey-ai-wave-grows\/\">2024 GitHub survey<\/a> of 2,000 coders in four countries found that 97% reported using AI coding tools in their work.<\/p>\n<p>Jack Cable, who left the Cybersecurity and Infrastructure Security Agency earlier this year to form a startup called Corridor focused on adding additional security layers to AI-coded applications, told CyberScoop that he has \u201cdefinitely\u201d seen an uptick over the past year in both AI-assisted and vibe-coded projects. 
That\u2019s particularly true in the startup and tech worlds, where he said people tend to be more \u201cAI forward.\u201d<\/p>\n<p>\u201cThere\u2019s the hobbyists who are using some of these tools to generate websites without needing to know how to code at all \u2026 and then there\u2019s more AI-development tools like Cursor, Copilot and some others that are more what companies are adopting,\u201d he said.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>In the GitHub survey, quality of AI-generated code was cited as one of the primary benefits, alongside efficiency, simplicity and the ability to leverage unfamiliar coding languages.<\/p>\n<p>Microsoft has said that at least 50,000 organizations and more than 1 million developers have used GitHub Copilot. Other tech heavyweights like OpenAI, Google and Amazon have rolled out their own coding models, while smaller companies like <a href=\"https:\/\/www.cursor.com\/\">Cursor<\/a>, <a href=\"https:\/\/bolt.new\/\">Bolt<\/a>, <a href=\"https:\/\/lovable.dev\/\">Lovable<\/a> and others have filled the marketplace with lower-cost generative AI coding software.<\/p>\n<p>Despite concerns about security in other quarters, there was nearly universal expectation among coder respondents in the GitHub survey (99-100%) that AI adoption would lead to more secure software overall.<\/p>\n<figure class=\"wp-block-image\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/06\/vibe-coding-is-here-to-stay-can-it-ever-be-secure.png?w=640&#038;ssl=1\" alt><figcaption class=\"wp-element-caption\">A 2024 survey of 2,000 coders found near-universal expectations that AI will improve software security. 
(Source: GitHub)<\/figcaption><\/figure>\n<p>But those sentiments contrast with other research and data that has found major security problems in LLM-generated code, along with <a href=\"https:\/\/www.semafor.com\/article\/05\/29\/2025\/the-hottest-new-vibe-coding-startup-lovable-is-a-sitting-duck-for-hackers\">anecdotal stories<\/a> of projects that&nbsp; relied almost entirely on AI-generated code, only to see their websites and apps quickly compromised through obvious, low-level vulnerabilities in the code.&nbsp;<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>For one, independent security researchers have challenged <a href=\"https:\/\/github.blog\/news-insights\/research\/does-github-copilot-improve-code-quality-heres-what-the-data-says\/\">studies<\/a> by Microsoft and GitHub showing significant improvements in code quality. Dan C\u00eempianu, a software developer and skeptic of generative AI\u2019s coding capabilities, <a href=\"https:\/\/jadarma.github.io\/blog\/posts\/2024\/11\/does-github-copilot-improve-code-quality-heres-how-we-lie-with-statistics\/\">noted<\/a> that the research appears to have tilted the scales in Copilot\u2019s favor by basing test results on a task \u2014 writing API endpoints for a web server \u2014 that he called \u201cone of the most boring, repetitive, uninspired, and cognitively unchallenged aspects of development.\u201d<\/p>\n<p>That is just one of several examples of what C\u00eempianu characterized as significant inaccuracies and overexaggerations around AI-coding proficiency in the study, including instances where graphs in the GitHub study&nbsp; \u2014 likely LLM-generated \u2014 failed to add up to 100%.<\/p>\n<p>Notably, the enthusiasm to integrate more AI tools into the workflow \u2014 and the belief that doing so will make security easier \u2014 is coming from executive leadership far more than security practitioners who 
remain deeply skeptical, according to a <a href=\"https:\/\/www.exabeam.com\/resources\/reports\/how-ai-is-transforming-cybersecurity-in-2025\/\">study<\/a> from Exabeam released in April.&nbsp;<\/p>\n<figure class=\"wp-block-image\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/06\/vibe-coding-is-here-to-stay-can-it-ever-be-secure-1.png?w=640&#038;ssl=1\" alt><figcaption class=\"wp-element-caption\">Executives are significantly more likely to believe AI will increase cybersecurity than analysts and practitioners (Source: Exabeam)<\/figcaption><\/figure>\n<p>But others have found a more muted impact. At the 2024 Black Hat cybersecurity conference, Veracode Chief Technology Officer Chris Wysopal <a href=\"https:\/\/www.techtarget.com\/searchsecurity\/news\/366600097\/Veracode-highlights-security-risks-of-GenAI-coding-tools\">told TechTarget<\/a> that 41% of AI-generated code contained security vulnerabilities, on par with most human-generated code.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Ellis noted that the history of coding is one of perpetual technological innovation that makes the process easier and more accessible for people to use, from the early days of <a href=\"https:\/\/www.geeksforgeeks.org\/what-is-assembly-language\/\">Assembly<\/a> and machine code to when Grace Hopper <a href=\"https:\/\/lemelson.mit.edu\/resources\/grace-hopper\">developed the first compiler<\/a>. 
Viewed through this lens, LLM-coding is just the latest step in lowering the barrier to entry.<\/p>\n<p>Cable said that while he doesn\u2019t think AI coding assistants \u201care going to put software developers out of work,\u201d he does believe \u201cthere is a lot of potential here to move to a future where code is more secure by default.\u201d<\/p>\n<p>\u201cBut I do think there\u2019s real work needed to get there,\u201d he said.<\/p>\n<p>The problem is that current AI coding technologies are nowhere near ready to handle such significant software development responsibility. <a href=\"https:\/\/baxbench.com\/\">BaxBench<\/a>, a benchmark created by a group of developers to evaluate LLM-generated code, has found that nearly all major commercial and open-source models available today are deeply unreliable when it comes to producing code that is safe and ready for deployment.&nbsp;<\/p>\n<p>For example, 62% of the software output from top LLM models was either incorrect or contained a security vulnerability. About half the code generated that did function correctly also contained exploitable flaws.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<figure class=\"wp-block-image\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/06\/vibe-coding-is-here-to-stay-can-it-ever-be-secure-2.png?w=640&#038;ssl=1\" alt><figcaption class=\"wp-element-caption\">Today\u2019s LLMs produce workable and secure code less than half the time with no additional security prompting. 
(Source: BaxBench)&nbsp;<\/figcaption><\/figure>\n<p>Even providing more specific security instructions during prompting that were developed by \u201can unrealistic oracle that anticipates all security pitfalls\u201d had a limited impact on this problem.<\/p>\n<figure class=\"wp-block-image\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/06\/vibe-coding-is-here-to-stay-can-it-ever-be-secure-3.png?w=640&#038;ssl=1\" alt><figcaption class=\"wp-element-caption\">Extensive security prompting yields only marginal improvements in secure, workable LLM-generated code (Source: BaxBench)<\/figcaption><\/figure>\n<p>People charged with overseeing and managing LLM-generated software projects do not fare much better.<\/p>\n<p>Because LLMs are trained on vast repositories of human-generated code, they tend to reproduce many of the same vulnerabilities in their own products. Ellis said one meaningful difference between vibe-coded and human-generated applications is \u201cyou get a lot of artifacts that are left around and potentially vulnerable, but also can definitely inform someone that is doing a code-informed attack.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>In other words, LLMs can sometimes architect or structure their software code in ways that most humans wouldn\u2019t, leaving that code open to new kinds of attacks.&nbsp;&nbsp;<\/p>\n<p>A hackathon in Poland this past April hosted 40 teams that built AI-agentic software solutions that were evaluated for security flaws in the code and workflow. The vast majority (80%) shipped their finished applications without adding any additional security protections beyond what was already in the LLM guardrails. 
Some teams declined to use simple implementations for OpenAI guardrail agents that could spot potential vulnerabilities or weaknesses, because doing so made the LLM less accurate and blocked too many actions.<\/p>\n<p>This may be \u201cleading many teams to intentionally deprioritize security in favor of smoother user experience or faster prototyping,\u201d <a href=\"https:\/\/splx.ai\/blog\/openai-aitinkerers-hackathon-agentic-radar-insights\">wrote<\/a> Dorian Grano\u0161a and Ante Gojsali\u0107 of SplxAI, which both sponsored the event and provided the company\u2019s agentic radar tool to evaluate the teams\u2019 proposals.<\/p>\n<p>Proponents of a vibe-coded future often argue that, when used right, AI tools can enhance the programming experience significantly, including on security. The concern is that the number of careful users is probably much smaller than the number of people who might use these tools without a thought about security.&nbsp;<\/p>\n<p>Cable believes the ultimate solution to a world filled with both AI- and human-generated bugs is to update software development and security tools for this new reality. 
He believes existing security tools will not keep up with the pace of AI-generated software code, and that many human software developers lack the kind of training to develop secure code on their own.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cThis is something that I think these development tools really ought to prioritize as well, and make sure that as they are generating code, [they are] assuming that the user isn\u2019t very technical, doesn\u2019t have the resources to catch bugs and adding more security guardrails in place,\u201d he said.&nbsp;<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"3.5889908256881\">\n<div class=\"author-card\" readability=\"13\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/06\/vibe-coding-is-here-to-stay-can-it-ever-be-secure-1.jpg?w=640&#038;ssl=1\" alt=\"Derek B. Johnson\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Derek B. Johnson<\/h4>\n<p> Derek B. Johnson is a reporter at CyberScoop, where his beat includes cybersecurity, elections and the federal government. Prior to that, he has provided award-winning coverage of cybersecurity news across the public and private sectors for various publications since 2017. Derek has a bachelor\u2019s degree in print journalism from Hofstra University in New York and a master\u2019s degree in public policy from George Mason University in Virginia. 
<\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p> <!-- .popular-stories__stories --> <\/div>\n<p><!-- .popular-stories__inner -->\n<\/div>\n<p><!-- .popular-stories --> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p> <!-- Start of 
HubSpot Embed Code --> <!-- End of HubSpot Embed Code --> <\/body> <a href=\"https:\/\/cyberscoop.com\/vibe-coding-ai-cybersecurity-llm\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Vibe coding is here to stay. Can it ever be<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[235,384,78,256,3688,310,1,4389],"tags":[236,388,86,262,3690,311,325,4390],"class_list":["post-7709","post","type-post","status-publish","format-standard","hentry","category-ai","category-artificial-intelligence-ai","category-cybersecurity","category-research","category-software-security","category-technology","category-uncategorized","category-vibe-coding","tag-ai","tag-artificial-intelligence-ai","tag-cybersecurity","tag-research","tag-software-security","tag-technology","tag-uncategorized","tag-vibe-coding"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ai\/\" rel=\"category tag\">AI<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/artificial-intelligence-ai\/\" rel=\"category tag\">artificial intelligence (AI)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/research\/\" rel=\"category tag\">Research<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/software-security\/\" rel=\"category tag\">software security<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/technology\/\" 
rel=\"category tag\">Technology<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/vibe-coding\/\" rel=\"category tag\">vibe coding<\/a>","tag_info":"vibe coding","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7709","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=7709"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7709\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=7709"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=7709"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=7709"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}