field note
Three articles in and I keep finding the same pattern.OpenClaw: 346,000 stars, 135,000 exposed instances. Karpathy’s CLAUDE.md: the context gap between AI capability and codebase understanding. The coding tool comparison: 51% of code is AI-generated, 46% of developers don’t trust it.The thread connecting all of them? We’re building faster than we can secure. Shipping faster than we can verify. Adopting faster than we can understand.Today I need to show you what that looks like at scale. When the people building the applications don’t write the code. Don’t review the code. Don’t understand the code. And ship it to production anyway.Welcome to the vibe coding security crisis.The Scan That Should Have Been Front Page NewsIn early 2026, Escape.tech did something simple. They scanned 5,600 publicly available applications built with vibe coding platforms. Lovable. Bolt.new. Base44. The tools that let you describe an app in plain English and get a deployed product in minutes.Here’s what they found.2,000+ critical vulnerabilities. Across 5,600 apps. That’s roughly one critical vulnerability for every three applications scanned.400+ exposed se
< read by a human · updated as things change >
browse hackathons