
Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.

Lena Müller

Reporting by louiswcolumbus@gmail.com (Louis Columbus), SwissFinanceAI Redaktion


AI Coding Agents Left Vulnerable to Credential Theft

Section 1 – What happened?

In a series of high-profile hacks, the AI coding agents Claude Code, Copilot, and Codex have been compromised, with attackers targeting the credentials of these systems rather than the models themselves. The hacks were made possible by vulnerabilities in the way these agents interact with production systems, allowing attackers to authenticate without a human session anchoring the request. The latest incident was discovered by BeyondTrust, which found that a crafted GitHub branch name could steal Codex's OAuth token in cleartext. OpenAI classified this as a Critical P1 vulnerability.

Section 2 – Background & Context

This is not an isolated incident, but the latest in a nine-month run of exploits against AI coding agents. Six research teams have disclosed vulnerabilities against Codex, Claude Code, Copilot, and Vertex AI, all of which followed the same pattern of exploiting credentials to gain unauthorized access. The attack surface was first demonstrated at Black Hat USA 2025, where Zenity CTO Michael Bargury hijacked several AI systems on stage with zero clicks. The root cause of these vulnerabilities lies in how enterprises interact with AI vendors: they believe they have "approved" the interface, but not the underlying system.

Section 3 – Impact on Swiss SMEs & Finance

For Swiss SMEs and financial institutions, these hacks highlight the importance of securing AI-powered systems and ensuring that credentials are properly managed. As AI becomes increasingly integrated into business operations, the risk of credential theft and unauthorized access grows. Enterprises must take steps to ensure that their AI vendors are properly secured and that credentials are not left vulnerable to exploitation. This includes implementing robust security measures, such as two-factor authentication and session anchoring, to prevent unauthorized access.

Section 4 – What to Watch

As the use of AI coding agents continues to grow, it is likely that we will see more attempts to exploit vulnerabilities in these systems. Enterprises must be vigilant in monitoring for signs of credential theft and unauthorized access, and take proactive steps to secure their AI-powered systems. Additionally, regulators and standards bodies must work to establish clear guidelines for the secure use of AI in business operations.

Source

Original Article: Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.

Published: April 30, 2026

Author: louiswcolumbus@gmail.com (Louis Columbus)



This content was created with AI assistance. All cited sources have been verified. We comply with EU AI Act (Article 50) disclosure requirements.


References

  1. VentureBeat AI. "Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model." April 30, 2026.
