Survey Finds Developers Knowingly Deploy AI-Generated Code With Security Vulnerabilities
A Checkmarx survey of 2,350 developers and security professionals found that 70% believe AI-generated code contains more vulnerabilities than human-written code, and 30% knowingly ship vulnerable code to production. The research shows that organizations with high AI code adoption deploy vulnerable code at 3.4 times the rate of those with low adoption. This matters because AI now accounts for roughly 50% of written code, creating significant security risks as development speed outpaces security practices.
Checkmarx's annual developer survey reveals a troubling disconnect between awareness and action regarding AI-generated code security. While 70% of respondents acknowledge that AI code has significantly more vulnerabilities, 30% admit to knowingly deploying vulnerable code into production, citing pressure to ship quickly and difficulty fixing vulnerabilities. The survey of 2,350 global developers, CISOs, and security managers shows that AI-generated code now represents approximately 49% of production code, with 93% of organizations reporting at least one security breach from vulnerable applications. The research indicates that organizations where 81-100% of code is AI-generated deploy vulnerable code at 3.4 times the rate of those with 1-20% AI adoption. Contributing factors include AI systems being trained on existing code that may contain vulnerabilities, developers relying on other controls to catch issues, and organizations failing to translate security tooling capabilities into actual processes.
What's missing
The survey relies on self-reported data from developers and security professionals, which may not reflect actual vulnerability rates or deployment practices. Additionally, the article lacks discussion of regulatory or compliance pressures that might influence these decisions, or comparison of vulnerability rates in AI-generated versus human-written code in real-world breach data.
How coverage differed
The Register presents this as a cautionary finding with emphasis on the systemic risk and resignation in the industry, while the framing focuses on the gap between awareness and action. Different sources might emphasize either the rapid pace of AI adoption benefits or the security costs, depending on their audience and editorial perspective.
What different sources said
- The Register (Center): Devs know AI code is riddled with holes, but ship it anyway