Vulnerability Exposed: Single Public Sentry Key Can Compromise Claude Code, Cursor, and Codex
agents claude cursor startup
| Source: Mastodon | Original article
A public Sentry key can be used to hijack AI models.
A public Sentry key is all it takes to hijack Claude Code, Cursor, and Codex, according to recent research. This vulnerability, known as "agentjacking," exploits public Sentry DSNs to run malicious code on a developer's machine. The attack works by sending a fake Sentry error, which can then be used to hijack AI coding agents.
This matters because it puts numerous organizations at risk - reportedly 2,388 are vulnerable to this type of attack, with a high success rate of 85%. The fact that existing security controls, such as EDR, firewalls, and prompts, can miss this type of attack makes it particularly concerning. As we have previously reported on the potential risks and challenges associated with AI agents, this new information highlights the need for increased vigilance and security measures.
What to watch next is how organizations respond to this vulnerability and what steps they take to mitigate the risk of agentjacking attacks. With the research providing actionable mitigations, it will be important to see how quickly and effectively these measures can be implemented to protect against this type of threat.
Sources
Back to AIPULSEN