Agentjacking Attack Exploits MCP to Hijack AI Coding Agents

The Hacker News

Researchers at Tenet Security detail Agentjacking, an attack that uses fake Sentry error events to trick AI coding agents into running attacker-controlled code via MCP. It affects Claude Code, Cursor, and Codex. The attack requires only a public Sentry DSN, no phishing or server compromise.

AgentsClaude

See 2 more sources

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution5 days ago

A public Sentry key is all it takes to hijack Claude Code, Cursor, and Codex3 days agoJanakiram MSV

The Hacker News

Jun 12, 12:04 PM