Anthropic’s Fable 5 briefly gave Australia a rare look at Mythos-class cyber AI in action. Then US export controls shut access down, raising a harder question: if the model is too dangerous to leave America, are allies left safer, or simply more exposed?
Tenet Security says a fake Sentry error can push AI coding agents into running attacker controlled code, putting developer trust under fresh scrutiny.
On Friday, Elon Musk priced the largest float in history. SpaceX listed on the Nasdaq at about $1.8 trillion, minting the world's first trillionaire and fusing the space economy with the AI trade. Inside one lifetime, compute and capital have become statecraft. The sky just became an asset class.
Tenet Security says a fake Sentry error can push AI coding agents into running attacker controlled code, putting developer trust under fresh scrutiny.
A new AI supply-chain risk has quietly arrived in mainstream developer tooling. Tenet Security reports that its researchers used crafted Sentry error events to make AI coding agents follow attacker-written instructions rather than fix genuine bugs. In their tests, malicious prompts were embedded in error reports that agents later fetched through standard integrations, then treated as trusted guidance.
Tenet says it identified 2,388 organisations with valid Sentry DSNs exposed and observed more than 100 live coding agents act on injected errors during the research. Recent coverage from other security analysts has also highlighted the risk of leaking environment variables, Git credentials and internal repository details when these agents are steered through poisoned telemetry.
For Australian organisations, this is not an abstract AI scare but a practical operational risk. Coding agents now sit alongside source code, CI pipelines and developer laptops, and they are beginning to consume the same monitoring feeds and error reports teams rely on to debug production. The question is no longer whether AI assistants can be abused, but how easily an attacker can turn ordinary support and observability data into an instruction channel.
Developers should treat external error feeds and monitoring tools connected to AI agents as potentially hostile, and treat agent-suggested fixes and shell commands as proposals that still require human review before execution. Security teams, meanwhile, need to map where AI agents plug into code, telemetry and credentials, decide which data sources must be treated as untrusted input, and put guardrails around what agents can read and run. The risk is not the presence of AI coding tools, but the absence of the same scrutiny and least-privilege controls that already apply to any other piece of privileged automation.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Cyera’s reported $300 million raise at a $12 billion valuation shows how quickly enterprise data security is being repriced as AI adoption accelerates. The figures should be framed carefully, because Cyera has disputed the reported numbers.
Anthropic’s confidential S-1 filing asks public markets to judge whether frontier AI can turn strategic heat into durable economics.
CISA has added an actively exploited LiteSpeed cPanel Plugin flaw to its KEV catalogue, with hosting providers urged to patch or remove the vulnerable user-end plugin.
CISA’s latest KEV update mixes new Microsoft Defender flaws with legacy Windows and Adobe bugs, showing why exploited risk often sits in forgotten systems.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
