AI coding agents

Security researchers demonstrated a new attack class called Agentjacking that hijacks AI coding agents through fake Sentry error reports — no credentials stolen, no servers breached, no malware deployed. A single POST request with embedded markdown turned a Fortune 100 company's AI coding agent into an exfiltration tool. Tenet Security found 2,388 organizations exposed and achieved an 85% success rate across Claude Code, Cursor, and Codex. The NSA had already warned about this exact vulnerability class. Enterprise attack surface assessment and security hardening checklist inside.

Gartner published its first Magic Quadrant for Enterprise AI Coding Agents on May 20, 2026 — and the leaderboard looks nothing like the AI Code Assistants category it replaced. Anthropic, Cursor, GitHub, and OpenAI are Leaders. AWS and Google dropped to Challengers. The shift from code completion to autonomous plan-act-verify agents redefined what counts — and the cloud giants' IDE-centric tools no longer meet the bar. This article includes a vendor evaluation matrix and an adoption readiness scorecard for engineering leaders evaluating AI coding agents.