Forensic Summary
Tenet Security has disclosed 'Agentjacking', a novel attack class that exploits the implicit trust AI coding agents place in Model Context Protocol (MCP) data sources. By injecting malicious instructions into Sentry error events via publicly accessible DSN credentials, attackers can cause agents like Claude Code and Cursor to execute arbitrary code with full developer privileges. Researchers confirmed 2,388 exposed organisations and an 85% exploitation success rate in controlled testing, with no prior access to victim infrastructure required.
Read the full technical deep-dive on Grid the Grey: https://gridthegrey.com/posts/agentjacking-attack-achieves-85-success-rate-against-ai-coding-agents-via-sentry/
Top comments (0)