AI coding agents are reshaping software development—but they’re also expanding the attack surface. Researchers uncovered a now-patched vulnerability in Anthropic’s Claude Code GitHub Action that could have enabled prompt injection attacks to expose CI/CD secrets, API keys, and credentials. As AI agents gain autonomy in development workflows, organizations must treat untrusted inputs as hostile and rethink CI/CD security models. Natural language is becoming executable code—and attackers know it.
Cursor Cloud Agents Get Their Own Computers — and 35% of Internal PRs to Prove It
Cursor’s new cloud AI coding agents can build, test, and verify software autonomously using real UI interaction. With 35% of production PRs generated by agents, software delivery is shifting from code authoring to agent orchestration and governance.