A newly documented attack class called Agentjacking enables adversaries to hijack AI coding agents by embedding malicious instructions in application logs, error-tracking feeds, and dependency outputs that agents ingest as part of normal operation. Because AI coding agents typically hold broad access to codebases, secrets stores, CI/CD pipelines, and external APIs, a single successful injection yields attacker-controlled lateral movement across the developer environment. No CVE is assigned; this is a structural architectural risk affecting any AI coding agent with tool-use and log-ingestion capabilities.