The 5 Failure Modes That Kill Every AI-Built App
From IDORs to the AI-reviewing-AI doom loop — here's why 80% of vibe-coded apps never reach production, and what to do about it.
Deep dives on AI code quality, security audits, and what actually happens when you ship AI-built apps to production.
From IDORs to the AI-reviewing-AI doom loop — here's why 80% of vibe-coded apps never reach production, and what to do about it.
Between June 30 and July 2, 2026, seven major AI agent vulnerabilities were disclosed or exploited. Cursor had a zero-click RCE. Ten of eleven open-source coding agents were vulnerable to shell injection. AI agents were hallucinating 250,000 domains that adversaries could register. HN didn't notice any of it. Four days later, CISA put the first AI agent platform on KEV.
Two papers published in the last three weeks define the first static analysis framework for AI agent programs and a risk-scoping BOM standard. They found 238 taint-style prompt-to-tool risks across 5,399 real-world agents — and their evaluation required a manual audit set because automated tools can't make trust judgments. The audit market now has academic backing.
Tenet Security researchers discovered a novel attack class where fake error reports injected through a public Sentry DSN cause AI coding agents to execute attacker-controlled code on developer machines. 85% success rate across Claude Code, Cursor, and Codex. 2,388 organizations confirmed exposed. And the same blind spot exists in every MCP-connected data source your developers trust.
Friendly Fire and GhostApproval: two exploits published within 48 hours prove that AI coding agents can't secure themselves — and the government is mandating them anyway.
The 'Top 10 Agentic AI Security Platforms for 2026' just dropped. All ten are automated. Here's why the sixth layer — human-led audit — is the one that catches what the other five miss.
Sophos found that Claude Code, Cursor, and OpenAI Codex trigger the same EDR alerts as human intruders. If your security tools can't tell the difference between your agent and an attacker, how do you know which is which?
Alibaba reverse-engineered Claude Code and found hidden tracking logic checking for 147 Chinese domains. Starting July 10 — yesterday — Claude Code is banned. This is what happens when 'trust us' meets 'we checked.'
Anthropic silently encoded steganographic tracking into Claude Code's system prompt using invisible Unicode characters. It was discovered by reverse engineering, not disclosed. This isn't just about one tool — it's the seventh dimension of the AI agent trust crisis.
Researchers turned Claude Desktop into a persistent command-and-control agent using nothing but the Personal Preferences field. No malware. No exploits. Just a synced prompt and an MCP extension. The attack has zero HN coverage and changes the threat model for every AI assistant on every developer machine.
No spam. Just deep dives on AI code quality and security. Drop your email or follow along.
Get in touch →