|
|
|
|
|
|
Tenet Security found that a public Sentry DSN lets anyone inject arbitrary instructions into your error queue. Claude Code, Cursor, and Codex execute them at an 85 percent success rate.
|
|
JULY 2ND, 2026 · BY JONATHAN HILDEBRANDT
|
|
Tenet Security disclosed on June 12 that a publicly exposed Sentry DSN, the kind sitting in half the JavaScript bundles on GitHub, lets anyone POST arbitrary instructions into that project's error queue. When Claude Code, Cursor, or OpenAI Codex pulls those errors through the Sentry MCP integration, it treats the injected text as real application context and runs it under the developer's own privileges. In controlled testing across all three, the attack, now called agentjacking, hit an 85 percent success rate, per TheNewStack's coverage of Tenet Security's disclosure. Sentry calls it "technically not defensible" at the platform layer, since the DSN is write-only by design.
Why it matters. If your project ships a frontend DSN and your agent reads Sentry over MCP, you are executing a stranger's instructions as yourself. Rotate the DSN, pull Sentry MCP from agent configs, or scope it read-free.
|
|
Read our writeup and the fix →
|
|
|
Together AI raised $800M at an $8.3B valuation
JULY 2ND · PONDERO NEWSDESK
Aramco Ventures led the Series C, with Nvidia, Vista, General Catalyst, and Salesforce Ventures in; Together reports 1.15 billion in annual bookings, per TechCrunch. Enterprise and sovereign-energy money is now betting open-model inference is a durable business, not a stopgap while proprietary models stay expensive. Read our take.
|
Trump's AI executive order hit its 30-day deadline today
JULY 2ND · PONDERO NEWSDESK
Treasury's AI cybersecurity clearinghouse and CISA's binding federal cyber-defense directives were both due July 2 under the June 2 order. The date to circle is August 1, when agencies define "covered frontier models" and a voluntary pre-release engagement window with NIST kicks in, shaping whether Anthropic, OpenAI, and Google preview federal-sensitive models before general release. Read our take.
|
Meta ran a secret teen-impersonating probe of rival chatbots
JULY 2ND · PONDERO NEWSDESK
Internal project "Cannes," run through contractor Covalen through at least April 21, created fake under-18 accounts on ChatGPT, Gemini, and Character.AI and submitted 45,000-plus prompts, hundreds touching self-harm and eating disorders. None of the three platforms authorized it, and the FTC and House Energy and Commerce now have a documented incident for their teen-safety probes. Read our take.
|
CustomGPT.ai
JULY 2ND · PONDERO NEWSDESK
Build a no-code chatbot trained on your own docs, useful for support or internal knowledge search over a fixed corpus. Read our take on when its 99-dollar tier starts to bite before you commit. Try CustomGPT.
|
Kit
JULY 2ND · PONDERO NEWSDESK
The creator newsletter platform whose new MCP lets Claude manage your subscriber list from a prompt. The affiliate pays 50 percent for the first 12 months, per Kit's partner program terms, one of the better recurring deals we track. Try Kit.
|
n8n 2.26 review
JULY 2ND · PONDERO REVIEW
Its new native MCP server builds workflows from a plain-text prompt; our verdict covers whether that convenience is worth the cloud bill for a self-hosting team. Read it.
|
CustomGPT.ai review
JULY 1ST · PONDERO REVIEW
We explain exactly when the 99-dollar query cap bites and name the two cheaper alternatives, so you know before you hit the wall. Read it or try it.
|
Firecrawl review
JULY 1ST · PONDERO REVIEW
Firecrawl added keyless access and a Research Index; our revisit bumps it to a 4.5 rating and says who should switch to it for LLM-ready scraping. Read it or try it.
|
Kit review
JUNE 29TH · PONDERO REVIEW
Kit's new MCP lets Claude run your subscriber list; we sort out whether the Creator plan earns the switch. Read it or try it.
|
beehiiv review
JUNE 27TH · PONDERO REVIEW
The Scale plan and MCP write access are new; our review names who should switch from Kit and who should stay put. Read it or try it.
|
|
|
|
|
Jonathan Hildebrandt
Co-founder and primary operator of Pondero. Writes the Pondero Brief.
|
|
|
Affiliate disclosure
·
Unsubscribe
·
Manage preferences
Pondero earns commissions on some links. This does not affect our editorial picks.
|
|