Agentjacking: Researchers Show How One Fake Bug Report Can Hijack AI Coding Agents
ID: 49a9831b-0627-5cff-b381-65995f00b01a
STIX ID: report--49a9831b-0627-5cff-b381-65995f00b01a
Feed Name: HackRead
Tenet Threat Labs demonstrated “Agentjacking,” an instruction-injection technique that abuses public Sentry DSNs and Markdown in error reports to trick AI coding agents (e.g., Claude Code, Cursor, OpenAI Codex) into running attacker-supplied commands on developer machines, potentially enabling remote code execution and exposure of secrets; researchers identified 2,388 exposed DSNs and observed AI agents at 100+ organizations execute their validation code, Sentry added a content filter for the PoC text and Tenet released Agent-JackStop as a mitigation.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
