Agentjacking: Fake error reports hijack Claude Code and Cursor into running code (thenextweb.com)

Security researchers have unveiled a new attack method dubbed "Agentjacking," which allows malicious actors to hijack AI coding agents by submitting fake error reports. This exploit, identified by Tenet Security, requires no malware or access credentials; instead, attackers manipulate the coding agent to execute their code under the developer's own privileges. Using Sentry, a prevalent error-tracking tool, attackers send fabricated error reports that are misinterpreted by the coding agents, causing them to unwittingly initiate harmful commands. The significance of this finding lies in the growing reliance on AI coding agents, which are increasingly integrated into software development environments, with one startup recently achieving $500 million in revenue. The attack affected major agents like Claude Code, Cursor, and Codex, showing an alarming 85% success rate. The implications are severe, as a single intruded error can unlock sensitive credentials and access to critical infrastructure, including CI/CD pipelines. Moreover, traditional security measures such as firewalls and VPNs fail to identify this type of breach, highlighting the urgent need for improved data-handling protocols within AI systems to prevent such vulnerabilities in the future.