Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with running a seemingly benign GitHub repository could execute a malicious payload that is ...
CPO Magazine

Over 100 AI Coding Agents Taken Over Via New “Agentjacking” Attack

The new “agentjacking” attack takes almost no real hacking ability to pull off. It's predicated on pulling a public ...
The Next Web

Agentjacking: a fake bug report can hijack your AI coding agent

Security researchers have found a way to hijack AI coding agents with nothing but a fake bug report. They call it Agentjacking. It needs no malware, no stolen password, and no breach of the target.
VentureBeat

Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it

A security researcher, working with colleagues at Johns Hopkins University, opened a GitHub pull request, typed a malicious instruction into the PR title, and watched Anthropic’s Claude Code Security ...

AI coding agents taught robots how to install GPUs and cut zip ties

What happens when you give AI coding agents a lab full of robotic arms, some compute resources, and a “generous token budget” ...
InfoWorld

10 tips for getting better R code from your AI coding agent

With the proper setup and guidance, you can have Claude Code, Codex, Posit Assistant, and other coding agents writing R code ...