Agentjacking: How Fake Sentry Errors Hijack AI Coding Agents
April Joy Deang2026-06-28T15:46:35+00:00AI coding agents like Claude Code, Cursor, and Codex now do far more than autocomplete. They read source code, query observability platforms, open pull requests, and run terminal commands on developer machines. That expanded access is useful, but it also creates a problem most security teams have not accounted for: when an agent reads data from an external tool, it often treats that data as trustworthy. A new attack class called agentjacking takes advantage of exactly this assumption. Researchers at Tenet Security documented the technique in June 2026. It tricks AI coding agents into executing attacker-controlled code by hiding instructions [...]

