{"data":{"id":"47c02b08-a9fc-4314-9058-4844b20e6b9d","title":"AI Coding Agents Found Triggering Endpoint Security Rules Built to Catch Attackers","summary":"AI coding agents like Claude Code, Cursor, and OpenAI Codex are triggering endpoint security detection rules (behavioral engines that flag suspicious activity) because they perform actions identical to attacker behavior, such as decrypting stored browser credentials and downloading files using built-in system tools. The agents themselves are not malicious, but their legitimate work looks exactly like credential theft and code execution attacks to security software, making it harder for defenders to distinguish between benign AI assistants and actual intruders.","solution":"N/A -- no mitigation discussed in source.","labels":["security","safety"],"sourceUrl":"https://thehackernews.com/2026/07/ai-coding-agents-found-triggering.html","publishedAt":"2026-07-08T17:02:12.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"medium","attackType":["jailbreak"],"issueType":"news","affectedPackages":null,"affectedVendors":["Anthropic","OpenAI"],"affectedVendorsRaw":["Claude Code","Cursor","OpenAI Codex","Claude Opus 4.5","Anthropic","OpenAI"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-07-08T17:02:12.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","safety"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}