Blog
Research & findings
Analysis from scanning thousands of recently shipped products.
Case StudyMay 21, 2026
A Founder Lost $2,500 Because His AI-Coded App Shipped a Stripe Secret Key in the Frontend
An AI coding tool put a live Stripe secret key directly in frontend JavaScript. Bots found it, charged 175 customers $500 each, and the founder ate $2,500 in processing fees.
Read →
ResearchApril 15, 2026
We Scanned 12,000 Vibe-Coded Apps. Not One Came Back Clean.
Across 12,000 recently launched products, every single app had at least one security finding. Here is what we found, and why the pattern is predictable.
Read →