AI Agents Under Siege: New “Agentjacking” and RCE Flaws Threaten Defense, Drones, and Budgets

Cybersecurity researchers are warning that AI coding agents can be hijacked to execute arbitrary code on developers’ machines, a technique dubbed “Agentjacking” by Tenet Security. The reporting describes how attackers can trigger the behavior using crafted fake error reports, effectively turning routine development workflows into an execution path. In parallel, separate disclosures highlight a chain of newly patched vulnerabilities in LangGraph, an open-source framework from LangChain, where a critical flaw could enable remote code execution. Together, the incidents reinforce that the security perimeter is shifting from traditional software supply chains toward the agentic tooling used to build and operate systems. Strategically, this matters because AI-enabled cyber operations and defense systems are increasingly built, tested, and deployed through agent-driven software pipelines. The US-focused discussion on CyberCorps adaptation frames the challenge as a mismatch between escalating threat complexity and the ability to staff and fund cyber expertise, especially for critical networks. Meanwhile, the UK defense leadership dispute—where the new defense secretary Dan Jarvis warned of “significant challenges ahead” after a spending clash with the Treasury—adds a political constraint on how quickly security and defense modernization can be resourced. On the battlefield side, Ukraine’s defense AI chief predicts a “new paradigm” of warfare, while media coverage on fully autonomous killer drones raises the stakes by suggesting autonomy could outpace human-in-the-loop control. Market and economic implications are likely to concentrate in cybersecurity services, managed detection and response (MDR), and the broader AI infrastructure stack that underpins developer tooling. If agentic security incidents accelerate patching cycles and incident response demand, investors may see upward pressure on spending for EDR/MDR platforms and security engineering services, while risk premia rise for firms with exposure to open-source AI frameworks and self-hosted deployments. The defense budget uncertainty in the UK can also influence procurement timing for AI-enabled defense systems, potentially affecting defense contractors’ near-term order visibility. In the drone and autonomy narrative, any credible move toward fully autonomous operations can increase demand for sensing, autonomy software, and secure communications—areas that tend to trade with defense sentiment and export-control expectations. What to watch next is whether vendors and open-source maintainers rapidly harden agent frameworks and publish reliable mitigations, including guidance for self-hosted LangGraph and similar orchestration layers. For the cyber workforce and critical infrastructure angle, the key trigger is whether US funding and scholarship pipelines (via CyberCorps) expand fast enough to close staffing gaps highlighted by the GAO. In the UK, escalation hinges on how the Treasury and the Ministry of Defence reconcile spending priorities for cyber and AI modernization after the leadership warning. Finally, on the operational side, monitor official doctrine updates and procurement signals tied to Ukraine’s “new paradigm” claims and the pace of autonomy testing for killer drones, because any acceleration could amplify both cyber targeting and security requirements across defense networks.

Geopolitical Implications

• 01

  Cyber offense and defense are converging on AI agent toolchains, making software development workflows a strategic battlefield for states and non-state actors.

• 02

  Budget and staffing constraints can become geopolitical vulnerabilities, limiting the speed at which critical infrastructure and defense systems can be hardened.

• 03

  Autonomy narratives (drones and AI warfare doctrine) raise the probability of cyber-enabled disruption, including targeting of command, control, and software supply chains.

• 04

  UK internal fiscal disputes may affect alliance readiness and interoperability if AI-enabled defense capabilities are delayed or scaled back.

Key Signals

• —Vendor and open-source patch cadence for agent frameworks (LangGraph/LangChain) and the publication of concrete mitigations for self-hosted deployments.
• —US policy and funding movement tied to CyberCorps expansion and GAO-identified gaps in cyber staffing for critical networks.
• —UK Treasury–MoD negotiations outcomes that clarify near-term defense spending priorities for cyber and AI modernization.
• —Operational doctrine updates and procurement announcements related to autonomous drone testing and AI-driven warfare claims.