Agentjacking attack hijacks AI coding agents via fake bug reports

Security researchers at Tenet Security discovered Agentjacking, an attack that hijacks AI coding agents using a fake bug report without malware or stolen passwords. The attack exploits Sentry error-tracking tool by posting fake errors with hidden commands. It achieved 85% success rate against Claude Code, Cursor, and Codex, exposing 2,388 organizations to potential credential theft.