REBL | You're Building Faster Than Ever. So Are the Hackers. article

The same tools that made you more capable made attackers more capable too. Both groups got upgraded by the same technology at the same time. Here is what nobody talks about at the launch party.

AI made everyone more capable. That includes the people trying to break into your stuff.

The same tools that made you more capable made attackers more capable too. They are not just better at breaking in. They are faster, more organized, and someone who used to need a team and weeks of work can now do it alone in a day. The barrier to causing serious damage came down for everyone at the same time.

And on the other side of that, there are now millions of new builders who never had to think about security before. People who connected an AI tool to their work account without checking what it can read. People who deployed an app without knowing if their API keys are sitting in a public file. People who connected ten services together and never asked what happens if one of them gets compromised.

That is exactly what happened at Vercel. One employee connected an AI productivity tool to his corporate Google account. Normal thing to do. Nobody reviewed it because nobody thought a productivity tool needed a review. Attackers had already compromised that tool months earlier. Once the employee granted access, they had a path into customer API keys and source code. The stolen data ended up on a hacker forum with a two million dollar asking price.

Nobody did anything obviously wrong. That is the point. There was just no moment where anyone stopped to ask: what does this tool have access to, and what happens if it gets compromised? There is also the question of what the tools themselves do with your data once you hand it over. We explored that in How Safe Is Your Company Data in an LLM?

That combination is the real problem. The environment is full of more capable attackers and full of builders who were never trained to think about protection. Both groups got upgraded by the same technology at the same time.

This is not an argument against building with AI. It is an argument for spending fifteen minutes thinking about what you are exposing while you build. Check what permissions you granted to your tools. Check what data your app can access. Check whether the things you deployed are locked down or wide open.

None of this is complicated. It is just easy to skip when you are excited about shipping.

At REBL we are pro-AI in everything we do. We also tell every client the same thing: the speed is real, the opportunity is real, and the risk of ignoring basic protections is also real.

AI is the best thing that happened to building. Just do not forget to lock the door.

You're Building Faster Than Ever. So Are the Hackers.

You connected the tools. Did you check the access?

Related Articles

AI is the new UI

Rethinking MVPs: What Still Works, What Doesn’t, and What Changed

GPT‑5: A Step Forward, Not a Breakthrough