Shadow AI apps expose sensitive corporate data

Cybersecurity firm RedAccess discovered approximately 5,000 applications built using 'vibe coding' tools that exposed sensitive corporate information. These applications, often created by non-technical employees, are publicly accessible and indexed by search engines, bypassing traditional security measures. The exposed data includes financial records, patient information, and internal company strategies, potentially leading to regulatory violations under laws like GDPR and HIPAA. This highlights a significant security gap where AI-generated code lacks proper security configurations and access controls, creating a new frontier for data breaches.