Researchers have identified a new attack called Agentjacking that deceives AI coding agents into executing malicious code by exploiting a flaw in Sentry's error-tracking platform. By injecting crafted error events via a public Sentry Data Source Name (DSN), attackers can trick AI assistants into interpreting them as trusted instructions, enabling code execution with developer privileges and exposing sensitive data. Despite acknowledgment, Sentry has not fully fixed the issue, leaving many organizations vulnerable to exploitation without traditional detection methods.
https://thehackernews.com/2026/06/agentjacking-attack-tricks-ai-coding.html