To the pen testers, red teamers and IR folks out there: How often are you encountering vibe coding in your engagements? I'm curious whether and how often vibe coded software is leaving the door open to your clients' networks. Leave a comment or PM me if you have thoughts.

@razhael

Not sure this counts, but one of the wipers used in the December attack against Poland's electric grid -- or at least part of the wiper -- was written by an LLM.

@dangoodin @DaveMWilburn I'd missed that part!

@razhael @DaveMWilburn

I'm curious to know what you think of that. Why do you think the attackers did this? The method used in the script was designed to speed up the overwrite processes but had the opposite effect. Do you think vibe coding was responsible for this deficiency?

@dangoodin @razhael @DaveMWilburn I'm not privy to the code, but having assisted experienced developers with tackling file write performance issues, I have observed that most have incorrect instincts until they dive in deeply. It doesn't take an LLM to come up with a suboptimal algorithm.