SShortSingh.
Back to feed

Researchers Warn AI Coding Agents Are Being Hijacked via Fake Bug Reports

0
·1 views

Security researchers have identified a scalable attack technique called 'Agentjacking,' in which malicious actors embed hidden instructions inside fake bug reports submitted to AI coding agents. Because these agents are built to read and act on issue content, they execute the injected commands as if they were legitimate tasks. The attack requires minimal effort — a convincing bug report with a concealed directive is enough — and works across common intake channels like GitHub Issues, Jira tickets, and support emails. Once triggered, the injected instructions run with the full permissions granted to the agent, including file system access, API keys, and network capabilities. Conventional defenses such as web application firewalls and input sanitization are ineffective because the attack exploits the semantic meaning of text rather than structural vulnerabilities in data.

Read the full story at DEV Community

This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)

Log in to join the discussion and vote.

Log in

Related stories

0
ProgrammingDEV Community ·

Claude Code, Antigravity CLI, and OpenClaw Reshape AI Terminal Agent Landscape in 2026

Terminal-based AI agents have seen significant shifts in 2026, with Google retiring Gemini CLI for individual users and replacing it with Antigravity CLI, a closed-source successor that has faced pushback from the open-source community. Claude Code has been updated to run on the Opus 4.8 and Fable 5 models, featuring a 1-million-token context window and a new Dynamic Workflows capability. OpenClaw, an open-source always-on agent, has gained widespread traction on GitHub but carries a documented security vulnerability that developers should review before deployment. A detailed comparison covering costs, context windows, open-source status, and setup complexity has been published to help developers evaluate all three tools. The Gemini-to-Antigravity transition is particularly relevant for teams with existing scripts or CI/CD pipelines built around the older CLI.

0
ProgrammingDEV Community ·

Developer catches methodical API scrape after attacker pulls 251 requests in 11 minutes

A developer running a visa rules API detected an attempted database extraction last week after an account named 'visadb_scraper' made 251 requests in a highly systematic pattern. The attacker targeted specific passport-destination pairs at a steady rate of roughly 25 requests per minute, successfully retrieving about 249 unique records before being stopped. Signals including a throwaway email, a self-identifying username, and a failed calibration call at the start exposed the automated nature of the sweep. The developer blocked the API key, halting the scrape at just 0.6% of the full 39,585-pair dataset. The incident highlighted a key security gap: without IP logging, blocking the key cannot prevent the attacker from simply re-registering and trying again.

0
ProgrammingDEV Community ·

Developer Builds AI-Powered Daily Work Log to Strengthen Promotion Cases

A software developer has created an automated journaling system using Claude Code that logs daily work achievements into structured markdown files stored in a Git repository. The tool conducts a conversational check-in, asks follow-up questions, and saves entries with details on shipped work, impact, wins, challenges, and recognition received. The developer built it after years of struggling to recall accomplishments during performance reviews, having previously attempted a Google Forms-based solution that lacked interactivity and required manual synthesis. Each daily file includes YAML frontmatter with metadata such as energy level and tags, making entries easier to retrieve and compile into promotion evidence. The system is triggered through natural language in Claude Code, requiring no special syntax, and can reportedly be set up in around five minutes.

0
ProgrammingDEV Community ·

Format-Preserving Encryption Tool MaskOps Protects RUT, CPF, DNI Data in Polars

MaskOps, a Python library, offers format-preserving encryption (FPE) to pseudonymize digit-based personal identifiers such as Chilean RUTs, Brazilian CPFs, and Argentine DNIs within Polars dataframes. Unlike asterisk masking or hashing, FPE transforms an identifier into another valid, same-format value that can be consistently joined across datasets and later decrypted using a client-held key. The library supports two NIST-approved algorithms, FF3-1 and FF1, both built on AES-256 Feistel networks, with FF3-1 set as the default. Critically, MaskOps makes no network calls and stores no data, meaning the encryption key never leaves the client's control, satisfying GDPR Article 4(5) requirements for pseudonymization. However, the tool's documentation emphasizes that FPE output remains personal data under GDPR since it is reversible, and should not be treated as full anonymization.