"With a 60% surge in App Store submissions as developers embrace vibe coding and AI-assisted development tools, Apple's App Store team has identified an emerging security challenge: what happens when an app you download later evolves into something fundamentally different - without Apple having a chance to review those changes."
"The deeper risk is that legitimate‑seeming apps could introduce unverified, remotely delivered code after installation. This is a known malware pattern; one historic example is XcodeGhost, a compromised version of Apple's Xcode development environment that infected apps built with it."
"Apple's latest response to this threat appears in an updated set of App Store guidelines first noted by The Information. Reportedly, Apple is pushing back on "vibe coding" platforms such as Replit and Vibecode, arguing that they violate long‑standing rules prohibiting apps from running code that can alter how other apps behave."
Apple faces emerging security challenges as app submissions surge 60% due to AI-assisted development and vibe coding adoption. The primary concern involves apps that evolve after installation through downloaded external code or remote updates without Apple's review. Experts project 30% of new security exposures may stem from hastily created vibe-coded applications. Historical precedents like XcodeGhost and recent incidents such as CovertLabs identifying 198 iOS AI apps leaking user data demonstrate real threats. Apple's response includes updated App Store guidelines targeting vibe coding platforms like Replit and Vibecode, which violate rules prohibiting apps from running code that alters other app behavior. This enforcement aims to maintain platform integrity while supporting legitimate development practices.
Read at Computerworld
Unable to calculate read time
Collection
[
|
...
]