Bob Starr was delighted with his vibe-coded website. “Boomberg” showed how much US tax money is going to tech companies, and Starr launched it online immediately after making it. It wasn’t until months after the site went live that he realized there was a problem: a hidden SQL injection risk. It could’ve left the site open for an attacker to read or alter data they shouldn’t have access to.
“It was just a glaring oversight on my part. It was a complete blindspot in my state of learning this new technology and understanding it, and I’m sure there are others making the same mistake,” said Starr, a project manager in the tech sector.
“It was a complete blindspot in my state of learning this new technology and understanding it.”
Starr fixed the issue, but he isn’t alone. Across social media, there are horror stories about vibe-coded apps full of security vulnerabilities. Jer Crane, founder of PocketOS, posted on X about an AI coding agent wiping out his company’s production database. Joe Procopio, a serial entrepreneur and former developer, vibe-coded a web app to privately show demos of other apps he’d built. Hackers came, so he took the app down. “Now I do demos the old fashioned way, from my local machine over Zoom,” he wrote. “It’s sooo 2023.”
We’ve entered a new “era of personal software,” as The Verge’s David Pierce said, where anyone can use AI to create their own private apps that can do exactly what they want. But with it comes a new era of security issues. Apps may be easy to build, but they’re difficult to secure — especially in a world where AI can also be used to attack them.
“My general core take is that vibe coding is not bad because amateurs can build software. That’s actually the good part,” says Gabriel Bernadett-Shapiro, distinguished AI research scientist at AI-powered cybersecurity firm SentinelOne.
The danger, he says, is when a personal app drifts into the realm of business software and stores shared, hosted data without anybody realizing that shift has happened. And, he says, the calculus changes when vibe coding moves away from local apps for tracking migraines or meals or package deliveries and enters the realm of apps that handle customer logs, medical data, financial records, or internal documents.
“Those need to be held to a different standard. Even if it was built by one person in an afternoon. Even if the software creating the software was trivial. The moment that it touches other people’s personal data, then that’s when I think the standard changes.”
Jack Cable, CEO and cofounder of Corridor (the security platform built for AI-native software development), agrees.
“Vibe coding is not bad because amateurs can build software. That’s actually the good part.”
“Vibe coding is great for lower risk things,” Cable says, such as a prototype, or a fitness tracker that isn’t super sensitive. But financial records deserve more scrutiny, he says, as does anything on the public internet. “Are you exposing any of your own or other people’s data there?” he asked. “Think through what the threat model looks like, and if you’re not sure if something you’re doing is secure, better safe than sorry.”
That is what Max Segall, chief operating officer at the crypto wallet firm Privy, had done after he vibe-coded EzRun as a fun way of rewarding his kid with $10 in Ethereum every time the two went running together. Thankfully, a colleague found a critical flaw that would have let anyone modify user accounts to gain access — before launch.
In a more concerning and high-profile case in late January, a developer named Matt Schlicht launched a viral social network called Moltbook. It was built entirely for AI agents, and he did not write a single line of code. Within days, researchers at the security firm Wiz says it found the app’s entire production database wide open, exposing tens of thousands of email addresses and private messages. Moltbook patched the bug shortly after being told about it, but this wasn’t a one-off. Wired reported that researchers at cybersecurity firm Red Access found roughly 5,000 publicly accessible apps built with popular vibe-coding tools that had no authentication, and close to 2,000 of those appeared to be leaking sensitive data like medical and financial information, strategy documents, and even logs of chatbot conversations.
To be fair, plenty of professionally made pre-AI software is woefully insecure, too. But just as vibe coding exponentially increases the number of apps being produced, the number of security risks is also likely skyrocketing. And it adds the risk of overconfidence. When an AI tool tells you code is secure, it’s easy to believe it.
“If you’re not sure if something you’re doing is secure, better safe than sorry.”
And in a normal vibe-coding session, nothing stops to check on its own unless you’ve installed something that has, which most casual coders have not. The build just keeps going. The security tools that exist have to be invoked. While Claude Code has a /security-review command that scans for vulnerabilities, you have to ask it to do so. There’s an automatic version, but only if you set it up to run on pull requests in advance, which is something that most casual builders aren’t doing.
OpenAI’s own coding agent Codex has a built-in security agent, Codex Security, that scans commits as they land and re-scans its own proposed patches, but it’s aimed at developers with real version-control workflows, not someone chatting an app into existence. For everyone else, the takeaway is simple: You have to prompt for security up front when you build, and again at the end, especially, any time the tool has access to data you care about.
“A lot of security is contextual,” Cable says, so while it definitely doesn’t hurt to run a coding agent’s own review, he cautions against having a false sense of security from it, especially when the agent doesn’t understand your threat model, or you haven’t given it the correct guidance.
Bernadett-Shapiro says that his biggest concern is not buggy AI-generated code, but a lack of authentication, something developers may not think about when they transition an app they run locally into the cloud with a bunch of configuration options they don’t understand, leading to sensitive data being exposed. This is the failure that worries him most, and for good reason: Apps that run fine locally put on the cloud can be like leaving a box of secrets open on the sidewalk — something researchers keep finding.
AI is good at finding bugs when prompted. There have been improvements in models with things like Mythos, the same Anthropic model that set off alarm bells for how easily it finds vulnerabilities to attack, which can also be used to harden apps vibe coders are building. Bernadett-Shapiro says GPT-5.5-Cyber, or even the base models of other applications, can assess the security and identify issues in an app that even a skilled developer may have looked over. Of course, he points out that people may not understand security tradeoffs they’re making or even ignore warnings as acceptable risk.
“A lot of security is contextual.”
Some of the scaffolding is starting to exist. OWASP, the nonprofit behind many web security standards, has published an AI security verification standard aimed at organizations. Firms like Trail of Bits have started releasing “skills,” add-on instruction packs that point a coding agent at specific security tasks, like flagging insecure default settings or hardcoded passwords before they ship. Skills have to be specifically triggered, so they don’t fit very naturally into the flow of development, Cable says, and it’s hard to keep them updated and synchronized across coding agents and as the codebase changes.
Beyond that, skills can cut both ways, because malicious skills also exist.
In February, 1Password’s Jason Meller examined the most downloaded skill on a popular OpenClaw skill registry and found that it directed users to install a dependency that ended up being malicious itself. It’s still the Wild West out there and can be difficult to tell whether a skill will harden your app or hand an attacker your credentials.
The potential of insecure vibe-coded apps isn’t a problem limited to hobbyists. Cable says engineers and even sales and marketing teams at big companies are now shipping far more agent-written code than before. Security teams need baseline visibility into how the agents are being used, he says, as well as guardrails that get enforced — either through skills or through products like the one Corridor sells, which aim to stop flaws before the code is even written.
For individuals, Cable’s guidelines are much simpler: Be aware that a model running locally on your own computer is far less risky than one made public, especially if it contains sensitive data.
“Literally overnight, the way most companies produce software has changed completely,” Cable says. He’s not especially worried about the coding agents themselves as long as they’re given the right guardrails in which to operate. The models themselves are increasingly built on a memory-safe stack that eliminates entire classes of vulnerabilities to begin with. “I do think there is reason to be optimistic here,” he says.
Government affairs specialist Jeff Rothblum vibe-coded an app for tackling mountains of tedious data entry with security in mind. He thought about what information the app holds, how sensitive it is, and what could happen if it got out. It’s a striking approach because it is so rare, and because the ground beneath us is shifting so quickly.
While working as head of government affairs and strategy at Lilt, he had to submit input forms to various government committees to get ideas into appropriations bills. No two forms are alike, so lobbyists may submit dozens or even hundreds of unique ones in a six-week period. After eight 75-hour weeks, and a layoff, he built a tool in case he ever had to do this again. It’s an app that scrapes links and due dates into a single dashboard and uses an LLM to prepopulate each form, so users only need to review and edit it (and paste in an account number) before submitting.
Vibe-code the app of your dreams, but think through what data the app is storing and has access to and what could go wrong.
He was well aware of the risk because he didn’t write his own code. “The last time I wrote code was probably in undergrad in 2006 writing Fortran to analyze fluid flows as an aerospace engineer,” Rothblum told The Verge. The biggest risk is that companies could inadvertently leak strategies or sensitive lobbying rationale, which stay private even when the filings are public. He’s mitigating this risk by running regular security reviews in Claude, keeping user data local rather than on his servers and building toward stricter retention safeguards.
He has vibe-coded his app to clear the browser and is upfront about the page sending data to Claude, linking to its retention policy. He’s working on a version of the app in which nothing a user types is stored by AI, even briefly, and a separate version that would let users route everything through their own LLM rather than his Claude instance.
While Rothblum has thought of building a broader lobbying intelligence tool, he says that if he does start working with more sensitive data, he intends to shell out four to five figures to pay an actual security engineer to review his code.”I’m happy with open-source stuff and I’m happy with ephemeral stuff, but everything else kind of scares me,” he says.
It is ideal to have a human expert review code, but Cable says that’s becoming a bottleneck. The open question, he says, is what the world looks like when most code ships without any human reading it and how we secure that world.
For now, the answer for the rest of us is smaller and more within reach: Vibe-code the app of your dreams, but think through what data the app is storing and has access to and what could go wrong. Ask it to build it with security in mind, and run code reviews after each change, including the patches the AI writes itself. Pay extra close attention before you move it from your own device into the cloud or give it access to any sensitive data or accounts. The difference between a fun project and a horror story starts with knowing what questions to ask.

SYDNEY, June 22 (Reuters) – Australia said on Monday it will sell advanced radar technology capable of detecting long-range ‌missiles to Canada under a A$2.5 billion ($1.75 billion) ‌agreement, the country’s largest-ever defence export deal.
The agreement is Australia’s first overseas sale ​of the radar, known as Over-the-Horizon Radar technology, and will support Canada’s surveillance of the Arctic region.
“Today’s agreement marks a significant milestone in Australian defence trade and lays the foundation for ‌deeper and mutually beneficial ⁠defence industry collaboration with Canada,” Prime Minister Anthony Albanese said in a statement.
Canada’s Arctic region represents ⁠about 40% of its total landmass, though it is sparsely populated and has little infrastructure. Much of Russia’s Arctic area, which ​is about ​a fifth of its landmass, ​faces Canada and the ‌U.S. state of Alaska.
“Canada is reinforcing Arctic security through the Arctic Over-the-Horizon Radar project,” said Stephen Fuhr, Canada’s secretary of state for defence procurement.
“This project is part of a broader effort to build an integrated Arctic surveillance and communications network that ‌will strengthen Canada’s ability to monitor, ​understand and respond to activity in ​the Arctic.”
Australia’s Jindalee Operational ​Radar Network can detect and track aircraft, ‌ships and missiles up to 3,000 ​km (1,864 miles) away.
The ​deal to share the technology with Canada will create around 300 jobs in Australia and is the first ​stage of a ‌broader collaboration between the two countries on the radar, ​Australia said.
($1 = 1.4269 Australian dollars)
(Reporting by Christine Chen in ​Sydney; Editing by Christopher Cushing)

The AI boom has created a market where good results are no longer good enough. Investors have rewarded companies tied to artificial intelligence with premium valuations, but they have also become far less forgiving. A strong quarter can still lead to a falling stock price if management fails to convince Wall Street that growth is accelerating. We’ve already seen it happen to semiconductor leaders this year. Now it’s Micron Technology‘s (NASDAQ:MU | MU Price Prediction) turn in the spotlight.
And with the stock up nearly 300% year-to-date and roughly 830% over the last 12 months, expectations have never been higher.
AI Memory Demand: The Hottest Corner of Semiconductors
Micron’s rally hasn’t come out of nowhere. The company sits at the center of one of the tightest supply-demand imbalances in technology.
Demand for high-bandwidth memory (HBM), the advanced memory used alongside AI accelerators from Nvidia and others, continues to outpace supply. At the same time, prices for both DRAM and NAND memory have climbed as manufacturers prioritize higher-margin AI products and capacity remains constrained. Reuters recently noted Micron’s earnings growth is being driven by soaring memory prices and strong HBM demand.
The memory market is also highly concentrated. SK hynix, Samsung, and Micron control roughly 89% of the global DRAM market, according to Counterpoint Research, giving the trio unusual pricing power.
That combination of rising prices, tight supply, and explosive AI demand has transformed Micron from a cyclical memory maker into one of Wall Street’s favorite AI trades.
Beating Estimates Isn’t Enough Anymore
Micron reports fiscal third-quarter results on Wednesday, June 24, after the market closes.
According to Zacks, analysts expect fiscal Q3 revenue of approximately $34.8 billion and earnings of $19.72 per share, representing revenue growth of 268% and earnings growth of more than 930% year-over-year.
Those numbers are extraordinary. Yet they may not be enough. The market’s new standard is “beat and raise.” Investors want proof that future growth will exceed current expectations. Results matter, but guidance matters even more.
That’s exactly what tripped up both ASML (NASDAQ:ASML) and Broadcom (NASDAQ:AVGO) this year. ASML delivered a beat-and-raise quarter, but the increase in guidance was modest, leading to an initial selloff. Broadcom beat earnings estimates too, but its outlook failed to satisfy investors who had priced in even more growth, causing a bloodbath with its shares.
Micron faces the same challenge. Consensus expectations currently call for another strong quarter in fiscal Q4 and continued growth into fiscal 2027. To keep the stock’s momentum intact, management will likely need to exceed Q3 estimates, beat the whisper numbers circulating on Wall Street, and raise guidance for the current quarter and beyond.
Valuation Gives Micron an Edge
That said, Micron has one advantage Broadcom lacked heading into earnings: valuation. Broadcom entered earnings priced for near perfection. Micron doesn’t. Even after its massive run, Micron trades for less than 10 times forward earnings and carries a minuscule PEG ratio of approximately 0.07. Those metrics remain far below many AI-related peers.
Granted, Micron is no longer the bargain it was a year ago. Yet investors are still paying a relatively modest multiple for a company benefiting from AI-driven demand, rising memory prices, and supply shortages that industry leaders believe could persist well into 2027.
Key Takeaway
In short, Micron must deliver a stellar beat and an equally stellar forecast on June 24. Anything less risks a short-term selloff because expectations have risen almost as fast as the stock itself.
Regardless of how the market reacts immediately after earnings, the long-term story remains intact. AI demand continues growing, HBM remains supply-constrained, and memory pricing remains favorable. Those trends have driven Micron’s 830% gain over the past year, and they aren’t disappearing overnight.

It’s been a history-making last five weeks for Wall Street. In no particular order, we’ve witnessed:
The iconic Dow Jones Industrial Average (^DJI +0.14%), widely followed S&P 500 (^GSPC +1.08%), and technology-fueled Nasdaq Composite (^IXIC +1.91%) jump to record highs.
The largest-ever initial public offering in Wall Street’s history: Space Exploration Technologies (SpaceX).
The start of a new era at the Federal Reserve, with Jerome Powell’s term as Fed chair ending on May 15, and Kevin Warsh’s tenure officially starting on May 22.
President Donald Trump’s handpicked successor to Powell became the center of attention for financial markets last week. On June 17, Warsh led his first Federal Open Market Committee (FOMC) meeting as Fed chair — and it was a doozy.
While some things went as expected, a Kevin Warsh-led Fed brought several surprises to the table for Wall Street and investors. This included subtly throwing President Trump and former Fed Chair Powell under the bus concerning inflation.
Fed Chair Warsh lumps the blame for elevated inflation on his predecessor and the president
As expected, the FOMC — the 12-person body, including Warsh, responsible for setting the nation’s monetary policy — left the federal funds target rate unchanged on June 17. But it’s what Fed Chair Kevin Warsh said while speaking with the press after his first FOMC meeting that’s raising eyebrows and sounding alarm bells.
Breaking from Powell’s tradition of sharing the FOMC’s thought process and offering forward-looking guidance, the Federal Reserve’s FOMC statement was short and to the point under Warsh, noting that “inflation remains elevated relative to the Committee’s 2 percent goal.”
During his press conference following the FOMC meeting, Warsh bluntly stated,
The commitment to deliver [price stability] is strong, unanimous, and unambiguous. And that’s an important message we’ve missed for five years. And we’re going to fix that.
Warsh plainly assigns blame for elevated inflation to his predecessor, Jerome Powell, for keeping interest rates at record lows for too long, as well as for allowing the central bank to balloon its balance sheet with long-term Treasury bonds and mortgage-backed securities.
But Powell isn’t the only key figure that’s subtly thrown under the bus by Kevin Warsh in his first FOMC meeting as Fed chair. While the new head of the Fed didn’t mention Powell or Trump by name in any of his remarks, his comments to the press about elevated inflation inadvertently placed the onus of blame on the president:
Inflation remains elevated relative to the Committee’s 2% goal. In part, reflecting supply shocks that have driven price increases in certain sectors, including energy.
Although Warsh didn’t directly address the Iran war, his singling out of the energy sector speaks volumes. Trump’s decision to attack Iran on Feb. 28, and Iran’s subsequent closure of the Strait of Hormuz, led to the largest energy supply disruption in modern history. Energy prices soared in the wake of this closure, pushing U.S. trailing 12-month inflation from 2.4% in February to a three-year high of 4.2% in May.
However, it’s worth pointing out that Warsh used the plural of “sectors” in his discussion. While energy prices tied to the Iran war remain the key catalyst for elevated inflation, President Trump’s tariffs have also been a persistent thorn for prices in the goods sector.
Bye-bye transparency! Hello, rate hikes?
But subtly assigning blame for persistently elevated inflation was only part of the story of Kevin Warsh’s first meeting as Fed chief. He also offered expected but disturbing guidance on what’s to come from policymakers and danced around a worrisome dot plot.
Perhaps the most profound statement made by Warsh in response to a question from the press was that “forward guidance isn’t the business we should be in.”
Before being confirmed as Fed chair by the Senate Banking Committee, Warsh’s testimony pointed to his desire to rid the central bank of most forward-looking guidance. He’s long believed that financial markets operate inefficiently when they move because of whims rather than facts.
The issue is that Wall Street and investors have become somewhat addicted to the transparency and forward-looking data provided by the central bank. Even though policymakers are fallible and the FOMC has been behind the curve in adjusting its monetary policy stance on several occasions, transparency and predictability are highly valued attributes by Wall Street and investors.
Without much in the way of forward-looking guidance, predicting what a Warsh-led Fed will do next becomes far more difficult. For the second-priciest stock market in history (dating back 155 years), a sudden lack of monetary policy transparency is unlikely to sit well with investors.
At the same time, Warsh’s first FOMC meeting as Fed chair coincided with the quarterly release of the Summary of Economic Projections, which is more commonly known as the “dot plot.” The dot plot anonymously projects where each of 19 policymakers (not all 19 are voting FOMC members) expects interest rates to head.
Warsh confirmed that he abstained from submitting forward-looking guidance via the dot plot. However, nine of his other 18 colleagues projected that interest rates would be higher than they are currently by the end of 2026.
Higher interest rates have the potential to slow the artificial intelligence data center build-out that has primarily fueled the Dow’s, S&P 500’s, and Nasdaq’s historic rallies.
It’s a brand-new era for the Federal Reserve, and Wall Street is simply along for the ride.

President Trump has claimed that United States Park Police have made several arrests in connection with what he described as deliberate sabotage of the Lincoln Memorial Reflecting Pool in Washington D.C., which underwent a multimillion-dollar renovation earlier this year.
“The United States Park Police have arrested multiple individuals for vandalizing our Nations magnificent Reflecting Pool,” Trump wrote on Truth Social late Saturday evening. “These are very serious crimes having to do with the destruction of National Monuments. Years in jail! Work will begin immediately on its repair.”
In a second post on Saturday, Trump described the alleged damage in greater detail, saying more arrests had followed. He provided no evidence for any of his claims about the nature of the damage, and neither the Park Police nor any other law enforcement agency had publicly confirmed any arrests as of the time of publication.
On Friday, Maryland resident and former Olympian David Hearn was arrested and charged with destroying government property. Hearn says he merely reached into the pool to touch one of the already dislodged blue pieces, and denies the charge.
Trump said that the pool would be drained and repaired quickly, and framed the alleged vandalism as an affront to American history. “We met with contractors today, will probably be forced to release and drain much of the water in order to do the necessary repairs,” he wrote. “What these terrible Vandals have done is a true affront to both Presidents George Washington and Abraham Lincoln, and should be dealt with accordingly”.
‘A 250-foot long gash’
Trump described what he said was physical destruction to the pool’s newly renovated lining. “They took some form of knife or blade, and put a 250 foot long gash into the beautiful facade of what took so much work, competence, and money to build and complete,” he wrote Saturday. “They also poured corrosive and destructive chemicals into the Pool.”
The president connected the alleged vandalism to the recent green color of the pool — again, without evidence. The pool turned green last week after being refilled following its renovation, in which its floor was repainted in a shade Trump calls “American flag blue.”
Aquatic ecologists and pool specialists told NPR the discoloration was caused by a natural bloom of algae from the genus Desmodesmus — a process scientists say is common in shallow, sun-exposed bodies of water, and one that may have been accelerated by the renovation disturbing the nutrient balance of the water.
A George Mason University professor who took water samples confirmed the algae was not toxic.
A renovation that grew in scope and cost
In April, Trump revealed his plans for the pool to be made “American flag blue,” in time for the 250th anniversary of the Declaration of Independence on July 4. The president also posted a fake image of himself and several of his administration officials in swimsuits, along with an unidentified woman in a bikini lounging in the water.
Trump defended the recent work in his Saturday post, writing: “The Reflecting Pool was never so beautiful as it was just one week ago, even going back to 1922 when it opened.” The pool opened in 1923.
The renovation project expanded significantly beyond the initial public cost estimate of $2 million, to more than $14 million by the time work was completed. A Virginia-based contractor received the no-bid contract. A separate Ohio-based company was paid approximately $1.7 million for nanobubble ozone technology deployed to treat the algae bloom.
The project was also the subject of a lawsuit filed in May by the Cultural Landscape Foundation, a nonprofit that argued the administration had bypassed required historic preservation reviews. A federal judge had not yet ruled on the case by the time the administration notified the court that work had been completed.
The White House has also provided no evidence that vandalism caused the pool’s discoloration, or any of the structural damage the president has described.