The MCP Trust Boundary Doctrine: Why 2,388 Businesses Just Had Their AI Coding Agents Hijacked, And How To Audit Yours Before Monday Morning
Tenet Security disclosed Agentjacking on June 12, 2026. The attack hijacked AI coding agents at 2,388 organizations with an 85% success rate against Claude Code, Cursor, and OpenAI Codex through publicly injectable Sentry DSNs and MCP integrations. Victims ranged from Fortune 500 ($250B market cap) to solo developers. Microsoft separately disclosed AutoJack on June 18 with the same attack class on AutoGen Studio. Sentry called the underlying issue 'technically not defensible'. Run The MCP Trust Boundary Doctrine 5-question audit before Monday morning to protect your AI agent toolchain.


