Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Global public exposure of vibe-coded applications across organizations

Trend
First reported
Last updated
Happening score
H score 16
1 unique sources, 1 articles

Summary

Hide ▲

Vibe-coded applications are leaking onto the public internet across organizations, creating a growing exposure trend for corporate, operational, and personal data. A May 2026 investigation found more than 380,000 publicly accessible web assets on leading AI development platforms, including more than 2,000 with sensitive data. The exposed apps were seen across six continents and every industry, with many reachable without basic access controls and some granting admin access by default. The pattern shows a broad governance gap in how employee-built AI apps are deployed and published.

Related Happenings

Enterprise AI guardrails for shadow AI and personal-account exposure

Defensive Guidance
First: 28.05.2026 14:30 Last: 28.05.2026 14:30 Sources 1

About this happening: Enterprise AI governance is shifting toward **AI power users**, **personal accounts**, and **inline guardrails** as sensitive-data exposure concentrates in a small share of workfl...

Open Happening

AI-driven attack surge against customer-facing mobile apps in 2026

Trend
First: 19.05.2026 15:00 Last: 19.05.2026 15:00 Sources 1

About this happening: **Customer-facing mobile apps** faced a sharp rise in attacks in **2026**, with **87%** of monitored apps hit versus **55% in 2022**. The trend matters because **agentic AI** is l...

Open Happening

Enterprise browser users AI adoption and browser-risk trends

Trend
First: 05.03.2026 17:01 Last: 05.03.2026 17:01 Sources 1

About this happening: Enterprise browser sessions are seeing **mainstream AI tool use**, widening the security blind spot around **employee work sessions** and increasing the risk of **sensitive data e...

Open Happening

Underground AI services emerge with jailbroken APIs and MCP servers

Threat Actor Meta
First: 12.02.2026 14:45 Last: 12.02.2026 14:45 Sources 1

About this happening: **Underground AI services** are emerging on **marketplaces** with a model that hides **jailbroken commercial APIs** and **open-source MCP servers**, expanding access to **malware*...

Open Happening

Tenable One AI Exposure launches as a cloud-native add-on for AI exposure management

Security Tool/Service
First: 30.01.2026 22:23 Last: 30.01.2026 22:23 Sources 1

About this happening: **Tenable** has launched **Tenable One AI Exposure**, a cloud-native add-on that helps enterprises detect and govern **agentic and generative AI** use before it creates **data exp...

Open Happening

Timeline

  1. 29.05.2026 13:30 2 articles · 4h ago

    Red Access identifies more than 380,000 publicly accessible vibe-coded web assets

    Initial Disclosure

    Red Access identifies more than 380,000 publicly accessible web assets across leading vibe-coding platforms, including roughly 5,000 that looked corporate and more than 2,000 that held sensitive corporate, operational, or personal data. The exposed applications were reachable on the open web without basic access controls, often granting admin access by default to anyone who knew the URL, with the exposure spanning six continents and every industry.

    Show sources
    Open in new tab