"Any exposure of source code or system-level logic is significant, because it shows how controls are implemented. In AI systems, that layer is especially critical. The orchestration, prompts, and workflows effectively define how the system operates. If those are exposed, it can make it easier to identify weaknesses or manipulate outcomes."
Four terabytes of data have reportedly been stolen, including database records and source code. Allegedly stolen data has been published on a leak site, containing Slack information, internal ticketing data, and videos of conversations between Mercor's AI systems and contractors.
Rhyne's attack involved unauthorized remote desktop sessions, deletion of network administrator accounts, and changing of passwords, showcasing significant security vulnerabilities.
Vibe coding is the latest tech accelerator, and yes, it kind of rocks. New AI-assisted coding practices are helping developers ship new applications faster, and they're even allowing other business professionals to prototype workflows and tools without waiting for a full engineering cycle. Using a chatbot and tailored prompts, vibe coders can build applications in a flash and get them into production within days.
They are often trained on public domain code, which can be secure or insecure. The AI coding assistant is not able to identify which is which. It also rewrites code from these sources without noticing any logical issues that might exist. AI is rewarded based on whether it completes a task, not if it is done well, so it might create code that is not secure or without necessary security controls.
