I’ll be honest: I’ve been deep in the weeds with the new coding tools lately. Claude Code, OpenAI’s Codex, the whole agentic development stack. As someone who evaluates startups for a living, I felt I owed it to founders to actually use what they’re building on – not just read the benchmarks. And the experience has been genuinely impressive, occasionally maddening, and clarifying in ways I didn’t expect. I’ve hit the bugs, the hallucinations, the moments where an agent confidently wires up a function that doesn’t exist. I’ve also shipped things in an afternoon that would have taken a week two years ago.
That firsthand experience is what made me sceptical of the loudest narrative in enterprise software right now: that AI agents have made SaaS obsolete. There’s a peculiar ritual in tech where every few years, we declare something dead before it’s had the chance to prove itself. SaaS killed on-premise software. Mobile killed the desktop web. Cloud killed everything else. And now, agentic AI and vibe coding are supposedly killing SaaS. The eulogies are being written fast, the memes are flying, and the term “SaaSpocalypse” has entered the VC lexicon.
Before we start ordering flowers, let’s slow down and actually look at what’s happening – including what’s genuinely exciting, what’s genuinely broken, and what should make any serious investor pause.
The Promise Is Real. So Are the Problems.
Let’s start with some honesty. Agentic AI – systems that don’t just respond to prompts but autonomously plan, execute multi-step tasks, use tools, and interact with the world – represents a genuine shift in how software gets built and used. The same is true of vibe coding, the workflow popularised by Andrej Karpathy in February 2025, where developers (and increasingly, non-developers) describe intent in plain language and let AI generate the code. These are not gimmicks.
But the gap between demo and production reality is wide, and it matters enormously to founders and investors who are building real businesses on top of this infrastructure.
Agentic AI and vibe coding: key numbers at a glance
April 2026
Foundation model leaders
Anthropic ARR
$30B
Up ~1,400% YoY · Series G @ $380B
OpenAI ARR
$25B
900M weekly ChatGPT users
Claude Code ARR
$2.5B
54% share of AI coding tools
SaaSpocalypse wipeout
$285B
Lost in 48 hrs, Feb 2026
Security vulnerabilities in agentic AI (arXiv, 2026)
Four challenges to watch
Security and rogue skills
EchoLeak, ClawHub supply-chain attacks, agent impersonation via MCP protocols
Token cost and “denial of wallet”
Runaway agent loops drain budgets within minutes; NIST now mandates circuit breakers
Bugs and hallucinations
1.7x more major issues in AI code (CodeRabbit); 205K hallucinated packages across 576K samples
Quality at scale
66% of devs cite “almost right but not quite” as their top frustration (Stack Overflow 2025)
Where Remagine Ventures sees opportunity
AI security infrastructure
Identity, guardrails, prompt monitoring for agentic systems
Vertical AI with data moats
Vertical software market: $133B (2025) to $194B (2029)
Developer infrastructure
AI testing, code review, agent observability tooling
Outcome-based billing
70% of SaaS vendors will reprice by 2028 (IDC)
Human-in-the-loop
Structured oversight for healthcare, legal, compliance workflows
Sources: arXiv (2026), Veracode 2025, Forrester, IDC, Sacra, CodeRabbit, Stack Overflow 2025, CSO Online
1. Security: From Malware to Rogue Skills
The security picture for agentic AI is, frankly, alarming. Unlike a traditional chatbot that produces text, an agent has tool access, memory, and the ability to take real-world actions – which dramatically expands the attack surface. According to research published on arXiv, 94.4% of state-of-the-art LLM agents are vulnerable to prompt injection, 83.3% to retrieval-based backdoors, and 100% to inter-agent trust exploits.
The attacks are no longer theoretical. In mid-2025, a critical vulnerability dubbed EchoLeak was discovered in Microsoft Copilot – infected email messages containing engineered prompts could trigger Copilot to exfiltrate sensitive data automatically, without any user interaction. Meanwhile, community marketplaces for agent skills have become a new vector for supply-chain attacks: the “ClawHub” repository has been abused to distribute malicious packages disguised as trading bots, utilities, or development helpers – once installed, these skills can deploy information-stealing malware directly onto a user’s machine.
The problem compounds in multi-agent systems. Protocol-level threats target the communication standards agents use – attackers can exploit these to achieve impersonation, where one agent pretends to be another, or manipulate collusion and coordination, effectively turning a group of agents into an autonomous threat actor that can bypass security controls a single agent could not.
For enterprise adoption, this is a hard blocker, not a speed bump. 59% of organizations surveyed between December 2024 and January 2025 said implementing agentic AI in their cybersecurity operations was a “work in progress.” That number tells you how much trust still needs to be built.
2. Token Guzzling: the hidden cost of doing things
Even when agents behave perfectly, they are expensive. Complex agentic workflows consume tokens at every reasoning step, tool call, memory retrieval, and sub-task delegation. Chain a few agents together on a non-trivial task and the costs compound faster than most teams anticipate. I’ve experienced this firsthand: what looks like a simple multi-step workflow in a demo can quietly run up a bill that would make a CFO wince.
Context windows have grown dramatically, which is genuinely useful, but larger contexts mean more tokens processed per call. The economics that work for a prototype fall apart at production scale, particularly for startups trying to build margin into AI-native products. This is one of the less-discussed constraints on the agentic AI business model: the underlying inference costs are still high enough that many use cases are impressive but not yet profitable to run at scale.
3. Bugs, Hallucinations, and the Vibe Coding Hangover
Vibe coding – accepting AI-generated code without fully reading or understanding it – accelerates prototyping dramatically. But its costs downstream are becoming increasingly visible. Up to 45% of AI-generated code introduces known security vulnerabilities, according to the Veracode 2025 GenAI Code Security Report, with Java having a failure rate exceeding 70%.
Hallucinations in code are particularly insidious because they look correct. AI models hallucinate function names that don’t exist, reference APIs that were deprecated years ago, and invent configuration options that never existed – and these bugs are particularly dangerous because the code follows all the right patterns while calling functions that simply don’t work. Research found that among 576,000 code samples analysed, AI tools suggested 205,474 unique software packages that did not exist. Attackers have learned to monitor these hallucinations and register malicious packages with the suggested names on NPM or PyPI, turning a development mistake into a supply-chain attack.
If 2025 was the year everyone shipped faster, 2026 is the year many teams are discovering what they shipped. Fast Company reported on the “vibe coding hangover” as early as September 2025 – engineers inheriting AI-generated codebases they can’t extend, debug, or audit. One December 2025 analysis by CodeRabbit of 470 open-source pull requests found that code co-authored by AI contained 1.7x more “major” issues than human-written code.
4. Quality at Scale Is Still a Work in Progress
Beyond security, there’s a broader quality challenge. The top frustration among developers, cited by 66% in a Stack Overflow survey, is dealing with “AI solutions that are almost right, but not quite” – and almost-right code is worse than clearly wrong code, because wrong code fails tests immediately while almost-right code passes tests but fails in production.
The structural problem is that AI accelerates code generation but review capacity remains flat. These systems still struggle with long-horizon tasks, architectural coherence, and the kind of contextual judgment that distinguishes a prototype from a production system. As senior engineers would tell you: the boring parts – error handling, edge cases, observability, compliance – are exactly where AI-generated code tends to fall short.
The Saaspocalypse: Real Signal, Overstated Conclusion
Now, about the SaaSpocalypse. Unless you lived under a rock, you’ve heard that SaaS cmFebruary 2026 market selloff that, in roughly 48 hours, erased approximately $285 billion from SaaS company valuations in a single window – the largest AI-triggered repricing event in software history. ServiceNow fell 7%. Intuit dropped 11%. LegalZoom lost nearly 20%. The trigger: a growing market conviction that AI agents could replace the per-seat workflows that have powered SaaS business models for two decades.
The underlying business logic isn’t wrong. The barriers to entry for creating software are now so low thanks to coding agents that the build-versus-buy decision is shifting toward build in many cases, as one investor at One Way Ventures told TechCrunch. If one employee with AI tools can do the work of five, per-seat pricing collapses.
But “the model is under pressure” and “SaaS is dead” are very different statements, and conflating them is a mistake.
Here’s why it’s too early to write the obituary. Global SaaS spending is projected to rise from $318 billion in 2025 to $512 billion by 2028, according to Forrester – which is not the trajectory of a dying industry. The enterprise core doesn’t evaporate overnight. Regulated workflows in healthcare, financial services, and legal – which run on deeply integrated SaaS platforms – are not being ripped out and replaced by autonomous agents anytime soon. Epic, Salesforce, Workday, and ServiceNow are embedding AI, not being displaced by it. IDC predicts that by 2028, pure seat-based pricing will be obsolete, with 70% of software vendors refactoring their pricing strategies around consumption, outcomes, or organisational capability – that’s a business model evolution, not an extinction event.
Bain & Company’s read on history is instructive: technological transitions rarely produce extinction – they produce heterogeneity. Desktop survived mobile. Cloud didn’t kill on-premise so much as push it into specialised niches. The history of software is a history of layers accumulating, not replacing.
What is genuinely true is that the market has evolved and users are more empowered. The “build vs. buy” calculus has shifted. The days of buying a separate SaaS tool for every workflow are numbered. The funeral for SaaS has been extremely well-attended. The corpse, on closer inspection, is still breathing.
The Real Winners – and Where the Opportunity Lives
The clearest winners of the current moment are the foundation model providers. Anthropic hit $30 billion in annualised revenue in March 2026, up approximately 1,400% year-over-year, driven by enterprise and startup API adoption. Over 500 customers now spend over $1 million annually, eight of the Fortune 10 are Claude customers, and the company closed a $30 billion Series G at a $380 billion post-money valuation.
Where are the start up opportunities emerging? If I’m honest, I believe many VCs are a bit concerned by the current trend and are assessing the situation. The managing partner of a $1 billion fund told me they have yet to do a deal in 2026… nevertheless, every ‘crisis’ is an opportunity and ambitious founders will be all over these new ‘Agentic AI’ market:
- AI security and trust infrastructure. Enterprises need identity, permissions, policy enforcement, prompt monitoring, runtime guardrails, agent authentication and audit trails. If agents are going to touch sensitive systems, they need to be governed like employees and secured like software.
- Developer infrastructure for the vibe coding era. The world does not need more code generation alone. It needs better code review, testing, context management, architecture validation, dependency security and AI-native CI/CD. The more code AI creates, the more valuable verification becomes.
- Vertical AI with proprietary data and workflow depth. Generic agents will be powerful, but regulated and complex domains still need specialised workflows, domain context, data access, compliance and trust. Healthcare, legal, finance, construction, insurance, logistics and defence will not be won by wrappers.
- Agent observability and cost control. As agent workflows become more complex, companies will need to understand what agents did, why they did it, what it cost, where they failed and how to improve them.
- Outcome-based SaaS infrastructure. If software pricing moves from seats to outcomes, companies need new billing, metering, attribution and revenue operations tooling. “Pay per result” sounds simple until finance asks how the result is measured.
- Human-in-the-loop platforms. In high-stakes workflows, the winning product will not remove humans entirely. It will put them in the right place, at the right moment, with the right context.
The Honest Take
Agentic AI and vibe coding are real technological shifts with real commercial momentum. The challenges – security vulnerabilities, token costs, hallucinations, code quality – are also real, and they are not solved problems. Founders building in this space need to take them seriously, not dismiss them as teething issues. The early mover advantage in this wave will go to teams that understand both the upside and the engineering discipline required to deliver it in production.
The SaaSpocalypse was a market signal, not a market fact. What it told us is that per-seat pricing is structurally vulnerable, that users are more empowered than ever, and that the value in software is migrating toward intelligence and outcomes. What it didn’t tell us is that SaaS is dead – because it isn’t. It’s changing. And in the gap between the old model and the new one, that’s exactly where the best early-stage opportunities tend to hide.
At Remagine Ventures, that’s precisely the territory we find most interesting.
He is a former General Partner at Google Ventures (GV) in Europe, former head of Google for Entrepreneurs in Europe, and founding head of Campus London, Google's first startup hub. Eze writes on Israeli tech, venture capital, artificial intelligence, and founder strategy.
He is also the founder of Techbikers, a nonprofit that brings together the startup ecosystem on cycling challenges in support of Room to Read.
- Requests for Startups: Summer 2026 edition - April 28, 2026
- Why the “SaaSpocalypse” Is More Hype Than Obituary - April 28, 2026
- Weekly Firgun Newsletter – April 24 2026 - April 24, 2026