Shadow AI is leaving software teams dangerously exposed

Two thirds of organizations report exploits involving vulnerable LLM code.

By Carly Page

November 12, 2025

Estimated reading time: 3 minutes

New research from Harness warns that shadow AI is creating security blind spots, and DevSecOps teams are struggling to keep up.

Software teams are losing control of where and how AI tools and models are being used, according to new research from Harness, which warns that a surge in “shadow AI” is leaving organizations dangerously exposed.

The company’s State of AI-Native Application Security 2025 report finds that as AI-native applications multiply, security teams can no longer see which models, APIs, and data sources are active, highlighting significant limitations with traditional DevSecOps pipelines.

Join LeadDev.com for free to access this content

Create an account to access our free engineering leadership content, free online events and to receive our weekly email newsletter. We will also keep you up to date with LeadDev events.

We have linked your account and just need a few more details to complete your registration:

First name Last name Job title Company Country

Terms and conditions I agree to the LeadDev.com terms and conditions of use

Create a password

About the author

Carly Page

Carly Page is a freelance technology journalist, editor, and copywriter.

Newsletters

Panel discussions

Videos

Reports

For you

New York

Berlin

London

Meetups

Shadow AI is leaving software teams dangerously exposed

By Carly Page

Join LeadDev.com for free to access this content

About the author

Carly Page

New York

Berlin

London

Meetups

Shadow AI is leaving software teams dangerously exposed

By Carly Page

Join LeadDev.com for free to access this content

Share:

About the author

Share:

More like this