1. The UK Government Went on Record
At RSA Conference in San Francisco, NCSC CEO Richard Horne delivered a keynote specifically about vibe coding security. Not as a footnote. As the topic.
His message: AI-generated code currently poses "intolerable risks" for many organizations, but the business benefits will make adoption unstoppable. Security professionals need to "seize the disruptive vibe coding opportunity" now, not after the breaches.
The NCSC CTO published a companion blog post titled, simply, "Vibe Check."
Key data from the NCSC: software source code doubles every 42 months. The defect rate per line stays static. Their recommendation? "Deterministic architecture." Rules and code to constrain AI, not AI checking AI.
Five major publications covered the keynote within 24 hours: Infosecurity Magazine, The Record, IT Pro, The Cyber Express, and NCSC's own channels.
2. The Supply Chain Collapsed
While Horne was speaking at RSA, the litellm PyPI supply chain attack was unfolding in real time.
litellm v1.82.8, downloaded 97 million times per month, was compromised. The malicious payload exfiltrated SSH keys, AWS/GCP/Azure credentials, Kubernetes configs, database passwords, and crypto wallets.
The attack was discovered inside Cursor. An MCP plugin pulled litellm as a transitive dependency. The developer never chose it, never installed it, never knew it was there.
The attack chain is worse than most coverage mentions: TeamPCP first compromised Trivy (March 19), then Checkmarx AST (March 21), then litellm (March 24). They compromised the security scanners first, then used harvested CI/CD credentials to poison the AI infrastructure.
Andrej Karpathy posted about it. 28 million views. 16,000 likes. 820 replies. The AI security community's biggest conversation of the year.
BleepingComputer reports TeamPCP claims data from "hundreds of thousands of devices."
Wiz, Snyk, DataDog Security Labs, The Hacker News, Sonatype, GitGuardian, and ReversingLabs all published detailed analyses within 48 hours.
3. The Market Moved
Lovable, the largest vibe coding platform (200K new projects daily), partnered with Aikido Security for built-in AI pentesting. Agent swarms now test Lovable apps for OWASP Top 10, privilege escalation, data exposure, and auth flow vulnerabilities.
This is significant because Lovable users now have enterprise-grade security built in. But Cursor users, Bolt users, Windsurf users, Replit users, and everyone building with Claude Code have nothing native.
The gap between "platform-protected" and "on your own" just became the biggest divide in vibe coding.
What the Data Already Showed
This week confirmed what the data has been saying for months:
- Escape.tech scanned 5,600 AI-generated apps: 2,000+ vulnerabilities, 400 exposed secrets, 60% failure rate.
- Tenzai found 0 out of 15 AI-generated apps had ANY security headers.
- ShipSafe scanned 100 public repos: 67% had critical vulnerabilities, 45% had hardcoded secrets.
- Baudr (first documented vibe coding breach): 72,000 user IDs + selfies exposed within hours of launch.
- Moltbook (second documented breach): 1.5 million auth tokens + 35,000 emails exposed. Discovered by Wiz.
- Aikido Security survey: 1 in 5 CISOs have already suffered major incidents from AI-generated code.
- CodeSignal/Tenable: 81% of developers now use AI for development. Some companies mandate it.
4. Enterprise Security Mobilized
Palo Alto Networks, the largest pure-play cybersecurity company ($100B+ market cap), announced its acquisition of Koi Security to add "Agentic Endpoint Security" specifically for AI coding agents. Their Prisma AIRS 3.0 platform now includes an AI Agent Gateway for runtime security, governance, and observability of autonomous AI systems.
This isn't a startup experiment. This is the security industry's biggest company saying: vibe coding security is now an enterprise market.
SecurityWeek's RSAC Day 1 summary listed Palo Alto's AI security innovations alongside announcements from every major vendor. The enterprise security stack is adapting to a world where code writes itself.
What Comes Next
19+ vibe coding security scanners now exist. Zero existed two months ago. The market is forming in real time.
But the fundamental problem isn't tools. It's awareness. Most vibe coders don't know they need to scan. They don't know what security headers are. They don't know their Supabase RLS policies are wide open or their Firebase rules allow public writes.
The NCSC is right: the business benefits of vibe coding will make adoption unstoppable. The question is whether security catches up before or after the breaches scale.
RSA 2026 is the week the conversation shifted from "is this a problem?" to "what do we do about it?"
We track every scanner, every breach, and every data point. The full data: State of Vibe Coding Security 2026
Scan your app for free. No signup: VibeCheck Security Scanner
