Vibe Coding to Vibe Hacking: Securing Software in the AI Era

Summary

Matt Moore, co‑founder and CTO of Chainguard, warns that AI‑assisted "vibe coding"—where developers generate code via generative AI—could account for 40% of new business software within three years, dramatically accelerating development and boilerplate creation. While the speed and refactoring benefits can free teams to focus on value‑adding work, the surge in AI‑generated code expands the attack surface, making organizations vulnerable to "vibe hacking" where threat actors use the same tools to inject malicious code before patches are applied. Moore stresses that, like early open‑source adoption, responsibility for security and quality remains with the organization, requiring rigorous review, testing, and governance. He advocates a model that pairs automation with accountability to ensure AI‑driven productivity does not compromise security.