• Four in five companies knowingly ship vulnerable code, survey warns
• One-third say 60% of their code is now AI-generated
• Orgs need to use AI to identify vulnerabilities

A study of 1,500 CISOs, AppSec Managers and developers conducted by Checkmarx has claimed four in five (81%) companies knowingly ship vulnerable code, putting them and their users at risk of attack.

An estimated one in two respondents already use AI code assistants, with around one-third (34%) admitting that more than 60% of their code is AI-generated – code which can often contain known vulnerabilities by default.

An overwhelming majority (98%) have experienced a breach due to vulnerable code in the past year, and yet they continue to ship vulnerable code without implementing the right protective measures.

Companies are shipping vulnerable, AI-generated code

The report outlines how generative AI has eroded developer ownership, with code now less likely to be attributable to any particular individual. It has also expanded the attack surface by reintroducing vulnerabilities that could previously have been avoided with proper coding expertise.

The trend has largely been blamed on artificial intelligence, with vibe coding on the rise and many developers now opting to edit AI-generated code rather than write their own from the ground up.

The lack of governance around this practice has created what the company describes as the perfect storm.

Fewer than half of the respondents were found to be using foundational security tools like DAST and IaC scanning, with a similar number using DevSecOps tools.

Looking ahead, Checkmarx stresses security should be built into projects right from coding level, with organizations urged to establish policies for AI tool usage. Acknowledging that developers are now actively using AI, Checkmarx suggests that, instead of banning it, companies should also utilize agentic AI to analyze and fix issues across projects.

“AI generated code will continue to proliferate; secure software will be the competitive differentiator in the coming years,” Checkmarx VP of Portfolio Marketing Eran Kinsbruner concluded.
