AgentsMicrosoft Patches First AI Coding Agent CVEs via Prompt InjectionKrebs on Security·high signalCVE-2026-21516/21523/21256: GitHub Copilot and VS Code RCE via prompt injection. First formal CVEs targeting AI coding agents in IDEs.SourceSource pageKrebs on Security↳ Follow the threadPolicy dependency / Stack layerPrismata Confines Cross-Site Prompt Injection by Treating Web Agents Like an XSS ProblemarXivPolicy dependency / Stack layerKastra Launches Policy Enforcement for Claude Code, Cursor, and CodexHacker NewsStack layer / ContrastOpenAI launches ChatGPT Work, an agentic workspace on GPT-5.6, with Sol/Luna/Terra model tiersInfoWorldStack layer / Threat patternMid-Session Tool Injection weaponized against WebMCP agents via threshold poisoning and fake diagnostic eventsAdversa AIStack layer / Threat patternSnyk's Evo Agentic Development Security Hit GA June 29 — an Enforcement Layer That Polices MCP Servers and Coding Agents at RuntimeSiliconANGLEStack layer / Threat patternCROSS-CATEGORY: Three Vendors in Three Unrelated Categories Shipped 'Agents That Supervise Other Agents' Inside Two WeeksVantaStack layer / Threat patternDefend against prompt injection with an embedding-scored Threat Library, not brittle regex rulesPromptHaloPolicy dependency / Stack layerPattern: Named Model Tiers Are Becoming the Primary Product Surface, Not the ModelOpenAI