A recent study by Veracode, outlined in the 2025 GenAI Code Security Report, reveals major security concerns surrounding AI-generated code. Nearly 45% of code produced by large language models (LLMs) contained significant vulnerabilities, often classified as part of the OWASP Top 10 security risks. Alarmingly, AI models opted for insecure code nearly half the time when given a choice. This trend, described as “vibe coding,” arises when developers allow AI to generate code without clear security guidelines, leading to increased exploitability of vulnerabilities. Furthermore, low-skilled hackers can now leverage AI tools to easily find and exploit these weaknesses, reshaping the cybersecurity landscape. To combat these risks, Veracode emphasizes the importance of integrating security practices throughout the development pipeline. This highlights the urgent need for developers and organizations to prioritize secure coding practices and improve their defenses against evolving threats in an AI-driven environment.
Source link
Share
Read more