by upflag 97 days ago
This is terrifying but not surprising. I shipped unauthenticated admin endpoints once in a project that was extensively planned out with AI. The volume of code AI generates makes it really easy for vulnerabilities to slip through because review gets lighter as output gets faster. The two things that actually help: dedicated security review sessions in a fresh context (the building session won't catch its own mistakes), and monitoring for unusual patterns like the CPU spike that caught this. If your first sign of compromise is high CPU, at least something was watching.
1 comment

That’s a great point about fresh-context reviews — the same session that generated or assembled the code often won’t catch its own mistakes.

What worried us in this incident is that even if you catch everything during review, new CVEs can appear later and suddenly make previously “safe” code vulnerable.

That’s why we started treating monitoring as part of the platform itself — every service runs with centralized checks so unusual behavior (CPU spikes, unexpected processes, endpoint exposure) gets flagged quickly.