Agentjacking: how a fake bug report hijacks your coding agent
Agentjacking is an attack disclosed in June 2026: an attacker plants a fake error report, your AI coding agent reads it as instructions, and runs their code with your credentials. The nasty part is that telling the agent to ignore untrusted input doesn't stop it, and your security tools see nothing wrong.