Over one weekend, Secure.com pointed an AI-driven pentesting pipeline at three live production systems — a multi-tenant e-commerce marketplace, a generative AI imaging platform, and a consumer password manager. No human tester at the keyboard. The result: 21 vulnerabilities, 7 critical, and credentials sitting in places they had no business being, including inside a cybersecurity company's own public JavaScript bundle. None of it required zero-days or novel attack chains. Just publicly available AI tooling finding the places where standard hygiene broke down. This report documents every finding, how they chain together, and what that shift means for security budgets, engineering teams, and red teams operating in 2026.
Fill in your details to download the resource.