A new form of attack termed 'agentjacking' has been identified, which compromises AI coding agents by exploiting a vulnerability in the Sentry app. This method allows attackers to inject malicious commands disguised as legitimate error messages into Sentry's error tracking tool. It enables AI agents to execute harmful code without recognizing it from false guidance. The attack bypasses standard security measures and could affect numerous projects using Sentry's public data source names (DSNs).
Researchers found an 85% success rate across popular coding agents, indicating significant security risks associated with integrations between AI tools and third-party monitoring services.