A wave of recent security breaches has exposed critical flaws in leading AI coding tools, including Claude Code, GitHub Copilot, OpenAI Codex, and Vertex AI. Across multiple incidents, attackers consistently targeted credentials rather than the AI models themselves—revealing a major gap in enterprise security.
Researchers found that these tools often operate with powerful access tokens, allowing them to interact with production systems without direct human oversight. In one case, a manipulated GitHub branch name enabled attackers to steal OAuth tokens from Codex. Meanwhile, vulnerabilities in Claude Code allowed sandbox escapes and bypassed security rules under certain conditions.
GitHub Copilot also faced exploits where hidden instructions in pull requests or issues triggered unauthorised actions, including remote code execution and token exfiltration. Similarly, Vertex AI was found to grant overly broad permissions by default, potentially exposing sensitive data across cloud environments.
Security experts say the core issue lies in how AI agents are integrated. Many organisations approve AI tools without fully understanding the credentials and permissions operating behind the scenes. As a result, these agents can act independently with elevated access, creating new attack surfaces.
Despite patches and security updates from vendors, the pattern remains consistent: runtime credentials are the primary target. Industry leaders stress the need for stricter identity management, reduced permission scopes, and better monitoring of AI agent activity.
As adoption grows— with a majority of developers now using AI coding tools—these vulnerabilities highlight an urgent need for stronger governance. Without it, experts warn, the risks tied to AI-powered development could escalate rapidly.
Disclaimer
NextNews strives for accurate tech news, but use it with caution - content changes often, external links may be iffy, and technical glitches happen. See full disclaimer for details.