AI coding agent security vulnerabilities surge
Multiple new attack vectors have been reported: a Claude Code sandbox bypass via a SOCKS5 null byte (silently patched by Anthropic), a VS Code extension supply chain attack targeting Claude Code configs, TrapDoor supply chain poisoning of .cursorrules/CLAUDE.md files using zero-width Unicode characters, and a symlink RCE in the Cursor CLI. The research paper 'How Agentic AI Coding Assistants Become the Attacker's Shell' provides a systematic analysis with CVEs. New: a fake Claude Code malware campaign using 88 domains and a multi-stage payload targeting developers (ex-4c55abfb). Together these illustrate structural security failures in AI coding toolchains.
Updated May 28, 2026