AI is creating code faster - but this also means more potential security issues


  • “AI is fixing the typos but creating the timebombs”, Apiiro says
  • 10x more security findings were highlighted in June 2025 vs. December 2024
  • AI is 4x quicker than humans, and can also reduce syntax errors and logic bugs

New research has claimed that despite its promised advances in helping code quicker and more effectively, the use of AI tools in coding may be throwing up security issues across the board.

Apiiro has quantified the vulnerabilities that companies could be exposing themselves to by using AI-generated code, finding that AI-assisted developers were able to write 3-4x more code than their peers, but that their code introduced 10x more security issues.

The vulnerabilities varied in severity, and while they weren’t always exploitable bugs, code quality still saw a noticeable drop.

AI-generated code can be really shoddy

Apiiro found insecure patterns, exposed secrets, new dependencies and cloud misconfigurations across AI-generated code, as well as the exploitable bugs that pose the biggest risk.

By June 2025, AI-generated code was throwing up 10,000 new security findings per month, a tenfold increase in the six months from December 2024.

However, artificial intelligence does have many clear benefits, too. According to the data, syntax errors in AI-written code dropped by 76% and logic bugs fell by over 60%. Conversely, privilege escalation paths surged by 322% and architectural design flaws rose by 153% – issues that reviewers struggle to spot.

“AI is fixing the typos but creating the timebombs,” the researchers summarized.

Apiiro also noted AI-assisted developers exposed sensitive keys nearly twice as often as their unassisted peers. “Because assistants generate large, multi-file changes, a single credential can be propagated across multiple services or configs before anyone notices,” the company explains.

All of this in an era when AI coding is actually being mandated – not just supported – by companies like Coinbase and Citi. Big Tech leaders also indicate that around one-third or more of their new code is AI-generated.

Companies should consider implementing further safeguards whenever they use AI-generated code. The findings also serve as a reminder that human oversight, logic and experience cannot be overlooked.
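One such safeguard, as an added example (not Apiiro's tooling and not code from the research): a pre-merge check that flags a credential-like value added to more than one file of the same change, which is the propagation pattern Apiiro describes. The regex heuristic, the function names and the sample diff are assumptions constructed for illustration.

```python
import hashlib
import re
from collections import defaultdict

# Constructed sample: unified diff of one multi-file change (values are fake).
SAMPLE_DIFF = """\
--- a/billing/config.yaml
+++ b/billing/config.yaml
@@ -1 +1,2 @@
 region: eu-west-1
+api_key: "EXAMPLE-ONLY-9f3c2a7d41b8e6c05d17"
--- a/orders/settings.py
+++ b/orders/settings.py
@@ -4 +4,2 @@
 DEBUG = False
+PAYMENT_TOKEN = 'EXAMPLE-ONLY-9f3c2a7d41b8e6c05d17'
--- /dev/null
+++ b/web/.env
@@ -0,0 +1 @@
+SESSION_SECRET=EXAMPLE-ONLY-b71e0c44aa92d3f85e60
"""

# Heuristic (assumption): credential-like key name followed by a long opaque value.
ASSIGN = re.compile(
    r"""(?i)\b([\w.-]*(?:key|token|secret|passw(?:or)?d)[\w.-]*)\s*[:=]\s*['"]?([^\s'"]{16,})""")

def added_lines(diff_text):
    """Yield (path, line_no, text) for every line the diff adds."""
    path, line_no = None, 0
    for raw in diff_text.splitlines():
        if raw.startswith("+++ "):
            path = raw[4:].removeprefix("b/")
        elif raw.startswith("@@"):
            line_no = int(re.search(r"\+(\d+)", raw).group(1)) - 1
        elif raw.startswith("+"):
            line_no += 1
            yield path, line_no, raw[1:]
        elif not raw.startswith("-"):
            line_no += 1  # context line advances the new-file line counter

def propagated_secrets(diff_text):
    """Return {fingerprint: [(path, line_no, key)]} for values added in >1 file."""
    seen = defaultdict(list)
    for path, line_no, text in added_lines(diff_text):
        m = ASSIGN.search(text)
        if m:  # store a truncated hash so output never repeats the secret itself
            fp = hashlib.sha256(m.group(2).encode()).hexdigest()[:12]
            seen[fp].append((path, line_no, m.group(1)))
    return {fp: h for fp, h in seen.items() if len({p for p, _, _ in h}) > 1}
```

On the sample, the value shared by `billing/config.yaml` and `orders/settings.py` is reported under one fingerprint, while the value that appears only in `web/.env` is left to an ordinary per-file secret scan.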


With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!
