A fake bug report is all it takes to hijack a coding agent — 85% success rate across the major ones (Agentjacking, June 2026)

Reddit r/AI_Agents News

Summary

Researchers found that AI coding agents can be hijacked by following instructions hidden in external content like bug reports, achieving an 85% success rate. The vulnerability exploits the agents' automatic trust in input they did not generate.

Researchers at Tenet Security and the Cloud Security Alliance's research labs found that AI coding agents will follow instructions hidden inside content they're supposed to be reviewing — a bug report, a README, a support ticket. No phishing link, no malware. The agent just trusts the input. They measured an 85% success rate across major coding agents when the payload was disguised as a routine bug report. The pattern that matters here: anywhere an agent automatically trusts external content it didn't generate, that content can carry instructions it'll follow without asking. Same blind spot shows up in a second case I covered — a "safety check" README that named real tools but launched a different payload when an agent ran it in auto-review mode. Curious how others here are handling this — do you sandbox agent input, or is it more about not giving agents write access to begin with?
Original Article

Similar Articles

Google DeepMind Researchers Map Out Ways Hackers Hijack AI Agents

Reddit r/artificial

Google DeepMind researchers published a paper titled 'AI Agent Traps' that maps six attack types hackers can use to hijack autonomous AI agents, including content injection, semantic manipulation, and behavioral control traps, and proposes layered defenses.

Your AI agent just got hijacked. You have no idea it happened.

Reddit r/artificial

This article warns about the Crescendo attack, a multi-turn prompt injection that evades single-message defenses by poisoning an AI agent's context over several turns. It introduces Bendex Arc, a tool that tracks behavioral trajectory across sessions to catch such attacks before they execute.