How AI Coding Tools Crushed the Endpoint Security Fortress

Security researcher Oded Vanunu of Check Point Software presented at RSAC 2026, arguing that AI coding assistants like Claude Code, OpenAI Codex CLI, Cursor, and Google Gemini CLI have systematically dismantled decades of endpoint security progress. These tools require broad local filesystem access and high privileges, making them invisible to EDR and other security products. His team disclosed six CVEs across these tools, including MCP consent bypasses, code injection via .env/.toml config files, and a 'swap attack' in Cursor that replaces approved commands with malicious payloads. A key finding is that attackers no longer need traditional malware — they can embed malicious instructions in configuration files like .json, .env, or .toml. Mitigations recommended include auditing shadow AI usage, sandboxing AI shell tasks, and adopting a 'Configuration = Code' zero-trust policy for developer workstations.