BREAKING
'Agentjacking' Hijacks AI Coding Agents
How the Attack Works
1
Grab public DSN
↓
2
Inject fake error
↓
3
MCP returns data
↓
4
Agent runs code
0
+
organizations tested
0
%
success rate
No Phishing, No Malware Needed
Why It's Hard to Stop
Evades Tools
Detection
●
Looks like normal error log
●
Slips past WAF and EDR
Trust Problem
Design
●
External output treated as data
●
Separate execution privileges
A Warning On Over-Trusting Agents
AI NEWS BLITZ
Researchers have disclosed a new attack that hijacks AI coding agents through fake Sentry errors.