Your AI Coding Assistant is Probably Writing Vulnerabilities. Here's How to Catch Them.

Hi there, my fellow people on the internet. Hope you're doing well and your codebase isn't on fire (yet). So here's the thing. Over the past year I've been watching something unfold that genuinely worries me. Everyone and their dog is using AI to write code now. Copilot, Cursor, Claude Code, ChatGPT, you name it. Vibe coding is real, and the productivity gains are no joke. I've used these tools myself while building Kira at Offgrid Security, and I'm not about to pretend they aren't useful. But I've also spent a decade in security, building endpoint protection at Microsoft, securing cloud infrastructure at Atlassian, and now running my own security company. And that lens makes it impossible for me to look at AI-generated code and not ask my favorite question: what can go wrong? Turns out, a lot. The Numbers Don't Lie (And They Aren't Pretty) Veracode recently published their 2025 GenAI Code Security Report after testing code from over 100 large language models. The headline finding? AI-