Two security stories dominated the week: a newly documented 'agentjacking' attack that achieved an 85% success rate against Claude Code, Cursor, and Codex across tested organizations, and a separate finding of roughly 5,000 publicly accessible vibe-coded apps leaking sensitive data. Both surface a structural gap — AI coding agents cannot distinguish data from instructions, and casual developers aren't invoking available security features. On the market side, Claude Code holds the top adoption position among AI coding tools per JetBrains data (74% of developers now use AI tools; 91% report productivity gains), but a Business Insider cluster this week documents real friction: developer isolation, identity strain, and organizational AI sprawl where only 13% of workers say individual time savings translate to company-level performance. Regulatory risk is also materializing: Anthropic's Fable 5 and Mythos models were pulled under a U.S. export-control directive, accelerating interest in self-hostable open-weight alternatives like GLM-5.2.
A documented 'agentjacking' attack is the most pressing security development this cycle. New Stack detailed how a public Sentry DSN allows attackers to inject fake error reports into AI coding agents, triggering code execution on developers' machines without malware or stolen credentials. Tenet Security logged more than 100 confirmed executions across separate organizations and found 2,388 organizations with injectable DSNs. Sentry called the attack class "technically not defensible" and shipped a filter only for the specific proof-of-concept string. The underlying issue, that agents cannot separate data from instructions, is a model-level limit no config change can close.
The Verge reported that roughly 5,000 publicly accessible apps built with popular AI coding tools had no authentication, with close to 2,000 leaking sensitive data. The core problem is developer awareness: tools like Claude Code and Codex offer security features, but casual 'vibe coders' rarely invoke them, and most don't realize when a local app has drifted into handling shared or sensitive data. "The moment that it touches other people's personal data, that's when I think the standard changes," said SentinelOne's Gabriel Bernadett-Shapiro.
InfoWorld positioned Claude Code as the most widely adopted AI coding tool, ahead of Gemini Code Assist and GitHub Copilot, in a piece arguing open infrastructure will define the AI era. The article cited Gartner's projection that AI coding token spending could exceed developer salaries by 2028, and warned that proprietary platform lock-in can cost enterprises over $100,000 to undo. Separately, SD Times covered Claude Code's new 'Artifacts' beta, which turns session work into live, shareable, self-updating web pages covering PR walkthroughs, incident timelines, and release checklists — a collaboration feature that reduces status-update overhead without requiring additional infrastructure.
CNN reported that Anthropic's Fable 5 and Mythos 5 models were pulled after the Trump administration deemed them national security risks over a jailbreak vulnerability, with experts calling the regulatory process "ad hoc, personalized, opaque, possibly lawless." New Stack connected this directly to the case for open-weight, self-hostable models, noting GLM-5.2 costs six cents for a landing page build versus 49 cents for Anthropic's Opus, and that a 700B-parameter local deployment pays for itself in API bill savings within six to seven months. Business Insider separately covered GLM-5.2's reception in Silicon Valley, with Vercel's CEO calling it "genuinely impressed, almost shocked."
Business Insider published a cluster of pieces this week documenting the human cost of AI coding tool adoption. Business Insider quoted Menlo Ventures partner Deedy Das saying engineers face "an identity crisis bordering on depression," with senior developers bearing the full review burden of AI-generated code. Business Insider reported Anthropic's own engineering leader Fiona Fung acknowledging Claude Code made programming "a lonely experience," prompting her team to organize programming lunches and hackathons. Business Insider found that 77% of digital workers use multiple AI tools weekly, but only 13% say the savings materially improved company performance.
Several tier-one outlets covered Nobel laureate John Jumper's departure from Google DeepMind for Anthropic. BusinessLine reported Jumper was a key member of Google's AI coding development team and that Google has struggled to sell AI coding tools to businesses, per former employees. Also covered by: TechCrunch.
New Stack profiled Project Valkey's deployment of AI agents to handle bug backporting, CI pipeline runs, and code provenance scanning for its 9.1 release. Maintainer Madelyn Olson reported the agents saved "several hours of testing time per engineer per week" while keeping humans in the loop for final sign-offs. "Real efficiency and no hype" was her framing, offering a concrete counterpoint to the identity-crisis narrative in the Business Insider cluster.