AI-generated code is outpacing every manual remediation model in existence’: Nearly all firms admit they have shipped code they know is vulnerable

Checkmarx research found 75% of organizations knowingly ship vulnerable code
The time‑to‑exploit window is expected to shrink to just one minute, raising urgent risks for some sectors
Vibe‑coded apps built entirely via AI chat are compounding exposure

Artificial Intelligence (AI) has made it unaffordable for organizations to ship code they already know is vulnerable, but they seem to be doing so anyway, new research has claimed.

Security experts Checkmarx found shipping vulnerable code became “standard operating behavior”, with 75% of organizations admitting they often or sometimes deploy code they already know is vulnerable.

It is hinted in the announcement that companies were making somewhat calculated risks: less than a decade ago (in 2018), the average time to exploit a software vulnerability was 840 days. That was more than enough time to ship a product, get it running, and then sort out the kinks along the way.

AI ex machina

However, AI tools have completely flipped the script – with the report arguing today, it takes less than two days to exploit a vulnerability, and that in less than two years, the time-to-exploit window will shrink even further, down to just one minute.

Checkmarx says this warning will be “particularly relevant” for healthcare, given the fact that hospitals and health systems are already facing escalating ransomware attacks, third-party software risk, and growing regulatory pressure, especially in the aftermath of the Change Healthcare incident.

Vibe-coded apps (solutions built entirely by chatting with an AI, without manual review of the code) will only compound the problem, it seems. Recent Wired research suggested that plenty of vibe-coded web apps were being pushed live with “weak or nonexistent auth, exposed data, and basic security flaws.”

The report, which was released earlier this month, claims that the researchers found more than 5,000 apps that were exposing corporate or personal data on the open web. It included medical data, financial information, internal corporate data, as well as customer chats.

The best antivirus for all budgets

Google logo on a black background next to text reading 'Click to follow TechRadar'

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.

https://cdn.mos.cms.futurecdn.net/QXcBRNeHkzXC6am5m3TXYf-2560-80.jpg

Source link

This ‘personal sun intelligence system’ offers a high-tech way to protect your skin from UV rays

Want a Nespresso-style capsule coffee maker without the waste? Lavazza’s new all-coffee pucks could be exactly what you’re looking for — with one small...

‘I think we’ll see a separate subscription’: Apple could lock the best parts of Siri AI behind a ChatGPT-style paywall, tipster predicts

Want a Nespresso-style capsule coffee maker without the waste? Lavazza’s new all-coffee pucks could be exactly what you’re looking for — with one small...

Ex-Israeli Intelligence Official: Shockwaves of Trump’s “Take Over Gaza” Heard, Felt Across Region

What UK political parties are promising in the 2019 general election

Otto Warmbier’s parents want North Korea to suffer for their son’s death

Could a ‘youthquake’ cause Boris Johnson to lose the general election?

GTA 6 Release Date Update Dropped Ahead Of Trailer 3

10 Underrated Spy Movies That Can Be Called Masterpieces

Joel McHale Says Patrick Dempsey’s Name Was On His ‘Scream’ Set Chair

Restored ‘Peking Opera Blues’ Gets 4K Dolby Atmos Show at Shanghai

Trump gets Iran peace deal and rages against Netanyahu: ‘He has no f—ing judgement’

America’s RV industry feels the chill of war and high gas prices

Trump gets Iran peace deal and rages against Netanyahu: ‘He has no f—ing judgement’

Dubai awards $15 billion in contracts for airport expansion

The YouTuber who has become one of Gen Z’s most beloved celebrities

26 last-minute holiday gifts that are still thoughtful and unique

Practicing gratitude regularly can make you less stressed and sleep better

8 things millennials wish you would just stop getting them for the holidays

AI-generated code is outpacing every manual remediation model in existence’: Nearly all firms admit they have shipped code they know is vulnerable

This ‘personal sun intelligence system’ offers a high-tech way to protect your skin from UV rays

GTA 6 Release Date Update Dropped Ahead Of Trailer 3

Trump gets Iran peace deal and rages against Netanyahu: ‘He has no f—ing judgement’

Want a Nespresso-style capsule coffee maker without the waste? Lavazza’s new all-coffee pucks could be exactly what you’re looking for — with one small...

Leave a reply Cancel reply