Fri, 13 Feb 2026
Vibe-coding tools - which let people without coding skills create apps using AI - are exploding in popularity.
* A popular "vibe-coding" tool called Orchids has a significant and unfixed cyber-security risk that allows hackers to gain access to users' projects and potentially their computers.
* The flaw was demonstrated by cyber-security researcher Etizaz Mohsin, who used it to gain access to his own project on the platform.
* Mohsin said that the ease with which the flaw can be exploited is a major concern, as it demonstrates the risks of allowing AI bots deep access to our computers in exchange for convenience.
* The Orchids team has been contacted repeatedly by the BBC but has not replied.
* The platform claims to have a million users and is used by top companies including Google, Uber, and Amazon.
* Experts say that the security implications of vibe-coding are significant, as code often fails under attack without discipline, documentation, and review.
* Cyber-security expert Kevin Curran said that the main security implication of vibe-coding is that it creates a new class of security vulnerability.
* Another cyber-security expert, Karolis Arbaciauskas, advised users to run these tools on separate machines and use disposable accounts for experimentation.
>>
Terms of Use | Privacy Policy | Manage Cookies+ | Ad Choices | Accessibility & CC | About | Newsletters | Transcripts
Business News Top © 2024-2025