Vibe Coding, Slopsquatting, and the Future of AI in Software Development
AI Security Podcast12 Jun 2025

Vibe Coding, Slopsquatting, and the Future of AI in Software Development

In this episode, we welcome back Guy Podjarny, founder of Snyk and Tessl, to explore the evolution of AI-assisted coding. We dive deep into the three chapters of AI's impact on software development, from coding assistants to the rise of "vibe coding" and agentic development.

Guy explains what "vibe coding" truly is, a term coined by Andrej Karpathy where developers delegate more control to AI, sometimes without even reviewing the code. We discuss how this opens the door for non-coders to create real applications but also introduces significant risks.

Caleb, Ashish and Guy discuss:

  • The Three Chapters of AI-Assisted Coding: The journey from simple code completion to full AI agent-driven development.
  • Vibe Coding Explained: What is it, who is using it, and why it's best for "disposable apps" like prototypes or weekend projects.
  • A New Security Threat - Slopsquatting: Discover how LLMs can invent fake library names that attackers can exploit, a risk potentially greater than typosquatting.
  • The Future of Development: Why the focus is shifting from the code itself—which may become disposable—to the importance of detailed requirements and rigorous testing.
  • The Developer as a Manager: How the role of an engineer is evolving into managing AI labor, defining specifications, and overseeing workflows


Questions asked:

(00:00) The Evolution of AI Coding Assistants(05:55) What is Vibe Coding?(08:45) The Dangers & Opportunities of Vibe Coding(11:50) From Vibe Coding to Enterprise-Ready AI Agents(16:25) Security Risk: What is "Slopsquatting"?(22:20) Are Old Security Problems Just Getting Bigger?(25:45) Cloud Sprawl vs. App Sprawl: The New Enterprise Challenge(33:50) The Future: Disposable Code, Permanent Requirements(40:20) Why AI Models Are Getting So Good at Understanding Your Codebase(44:50) The New Role of the AI-Native Developer: Spec & Workflow Manager(46:55) Final Thoughts & Favorite Coding Tools


Resources spoken about during the episode:

AI Native Dev Community

Tessl

Cursor

Bolt

BASE44

Vercel

Episoder(51)

The Zero-Click AI Hack: How to Contain the Blast Radius of Autonomous Agents

The Zero-Click AI Hack: How to Contain the Blast Radius of Autonomous Agents

Is an AI agent's identity a workload or an action? Ashish spoke to Elie Bursztein, Distinguished Research Scientist and co-author of Google SAIF (Secure AI Framework) about how it is neither and that ...

29 Apr 47min

Buy vs. Build AI Security: Why [Box.com](http://Box.com) CISO is Creating their Own Agentic SOC

Buy vs. Build AI Security: Why [Box.com](http://Box.com) CISO is Creating their Own Agentic SOC

If your AI solution is just helping humans process the same amount of alerts a little faster, you haven't transformed anything, you've just created a faster hamster wheel.In this episode, Ashish and C...

22 Apr 46min

Anthropic's Project Mythos: Why the "Zero-Day Machine" is Terrifying the Security Industry

Anthropic's Project Mythos: Why the "Zero-Day Machine" is Terrifying the Security Industry

In this episode, Ashish and Caleb discuss the internet-breaking preview of Project Mythos, an unreleased AI model from Anthropic that has shown an unprecedented, terrifying ability to reason through c...

18 Apr 1h 3min

Are AI Security Startups Faking It? How to Separate Signal from Noise

Are AI Security Startups Faking It? How to Separate Signal from Noise

With over 70 startups claiming to have built the perfect "AI SOC Analyst" or "AI Threat Hunter," how do you separate the real products from the vaporware? Recorded live at Decibel RSAC Founder Festiva...

15 Apr 47min

How Lovable Manages 100+ Daily Changes, Vibe Coding & Shadow AI

How Lovable Manages 100+ Daily Changes, Vibe Coding & Shadow AI

What does it actually look like to run security inside one of Europe's fastest-growing AI companies? In this episode, recorded live at the Munich Cybersecurity Conference (MCSC), Ashish Rajan sat down...

2 Apr 57min

Questions Every CISO Must Ask AI Security Vendors

Questions Every CISO Must Ask AI Security Vendors

RSA Conference 2026 is here and the AI agent hype machine is louder than ever. In this episode, Ashish and Caleb cut through the noise and arm CISOs, practitioners, and security teams with a clear-eye...

18 Mar 50min

Will Foundation Models Kill Security Startups?

Will Foundation Models Kill Security Startups?

Did Anthropic just kill the AppSec industry? Following the announcement of Claude Code Security, a tool that finds, reasons about, and fixes code vulnerabilities, major security stocks dropped by 8% ....

5 Mar 59min

How to Build Your Own AI Chief of Staff with Claude Code

How to Build Your Own AI Chief of Staff with Claude Code

What if you could automate your entire work life with a personal AI Chief of Staff? In this episode, Caleb Sima reveals "Pepper," his custom-built AI agent to Ashish that manages emails, schedules mee...

11 Feb 47min

Populært innen Teknologi

lydartikler-fra-aftenposten
romkapsel
tomprat-med-gunnar-tjomlid
teknisk-sett
shifter
energi-og-klima
elektropodden
fornybaren
rss-impressions-2
nasjonal-sikkerhetsmyndighet-nsm
hans-petter-og-co
rss-alt-som-gar-pa-strom
smart-forklart
teknologi-og-mennesker
kunstig-intelligens-med-morten-goodwin
rss-ai-forklart
rss-bouvet-bobler
rss-ki-praten
rss-fish-ships
rss-brukbart