Agentjacking Defense: Firewall Your AI Agent Tools

Agentjacking Defense: Firewall Your AI Agent's Tools

On June 12, 2026, researchers at Tenet Security published a new attack class called Agentjacking. The mechanics are uncomfortable: send a single HTTP POST to a public Sentry DSN, plant a fake error report with instructions hidden inside it, and wait for an AI coding agent to read that report. When Claude Code, Cursor, or Codex pulls the poisoned issue in to help you debug, it can misread the attacker's text as guidance and run shell commands on your machine. Tenet measured an 85% success rate across the three agents and roughly 2,388 exposed organizations.