All articles

AI Security

(3 articles)
OpenAI Assistants API: Thread-ID Enumeration and Hijacking
OpenAIAssistants APIIDOR

June 4, 2026 · VibeWShield Team

OpenAI Assistants API: Thread-ID Enumeration and Hijacking

Thread IDs in the Assistants API are long but predictable in vibe-coded chat UIs. A classic IDOR lets attackers read prior conversations by incrementing a counter on your side.

Read article
Why We Built VibeWShield
ProductStoryTeam

April 25, 2026 · VibeWShield Team

Why We Built VibeWShield

Every week we were reviewing AI-generated apps with the same bugs — exposed Supabase keys, client-side admin checks, Server Actions that trust the client. Traditional DAST tools didn't care. So we built a scanner that does.

Read article
What is VibeWShield? A 90-Second Explainer
ProductAboutDAST

April 21, 2026 · VibeWShield Team

What is VibeWShield? A 90-Second Explainer

VibeWShield is a free DAST scanner built specifically for apps generated by Cursor, Lovable, Bolt, Replit, and v0. Here's what it does, how it differs from traditional security tools, and why AI-generated code needs its own scanner.

Read article