$3,000 per AI Security Audit

🎁 $1,000+ in free AI tools. Expire Weekly Access Offers →

✨ Your personalised AI income roadmap. Built in 1 min Build Mine →

⬇️ 100 ways to make money with AI. Free PDF Download Free →

A newly discovered attack already hit 2,388 companies by hiding instructions where AI coding assistants would read and obey them. It has a name now — "agentjacking" — and almost nobody knows how to defend against it. That gap is your opportunity.

Get cited by AI engines: your on-page AEO checklist

On-page SEO didn't die. It evolved.

Just like in traditional search, AI bots need to read and understand your content before promoting it. How fast, readable, structured, and chunkable your page is determines whether it gets cited or gets ignored.

Our On-Page AEO Checklist is the comprehensive framework for earning citations, built around the four pillars you control: content, technical health, crawlability, and authority.

Inside the checklist:

• The chunking and answerability formatting that AI engines actually extract

• A bot-by-bot analysis of GPTBot, ClaudeBot, PerplexityBot, and others—and what to allow vs. block

• A cadence of daily, weekly, monthly, and quarterly tasks so nothing slips

Your on-page work is the one layer of AI search you control. Make every page count.

Get the checklist

Earlier this month, security researchers gave a name to something that had quietly been happening across thousands of companies for weeks: agentjacking. The attack does not target a person. It targets the AI. Specifically, it targets the trust that developers have built up with their AI coding assistants — Claude Code, Cursor, OpenAI Codex — over the past year of relying on them to debug software automatically.

Here is how it works, in plain terms. Developers use AI coding agents that read error reports from monitoring tools and automatically suggest or even execute fixes. Attackers discovered they could craft a fake error report containing hidden instructions, disguised as ordinary debugging text. When the AI agent reads that fake report, it follows the hidden instructions as if they were legitimate guidance — and executes commands the developer never approved. The attack succeeded 85% of the time it was attempted, and it has already affected close to 2,400 organizations.

Why this is different from a normal hack

A traditional hack tries to break through a wall. Agentjacking does not break anything — it persuades. The AI agent is doing exactly what it was designed to do: read information, trust it, and act on it. The attacker simply hides the instructions inside something the agent expects to see and trust, like a routine error log. The uncomfortable truth is that the more developers trust their AI tools, the more vulnerable they become to an attack built entirely around that trust.

This is not a future risk. It is happening now, and it points directly at something most companies have not even considered: as AI agents take on more independent work — debugging code, managing customer data, processing invoices, running marketing campaigns — every one of those workflows becomes a new door that did not exist a year ago. Most businesses have no idea those doors are open, let alone how to lock them.

Why this is a real income opportunity, not just scary news

Every time a new piece of technology becomes widespread faster than the security knowledge needed to protect it, a new profession is born to close that gap. It happened with websites in the 1990s. It happened with mobile apps in the 2010s. It happened with cloud computing. Right now, it is happening with AI agents — and most companies deploying them have absolutely no one checking whether their setup is exposed.

This does not require a computer science degree or years of cybersecurity training. It requires understanding one specific, narrow thing well: how AI agents read input, what they trust automatically, and where that trust can be abused. That is a learnable skill, and right now there is close to zero competition because the attack itself is barely three weeks old.

How to actually start this — even with no security background

Your first 30 days in AI agent security

01Learn the attack pattern, not the whole field of cybersecurity. You do not need to become a general security expert. You need to deeply understand one category: prompt injection and agentjacking-style attacks against AI coding tools and customer service bots. Read every public writeup on agentjacking this month. There are very few. That is your advantage.

02Build a simple checklist and test it on yourself first. Set up a sandbox AI coding agent, try the documented attack pattern against it in a safe environment, and document what worked and what stopped it. This becomes both your proof of skill and the actual service you sell.

03Offer a free audit to three small companies you know. Any local software shop, agency, or startup using Claude Code or Cursor is a candidate. Most have never thought about this risk. Walk them through what you found, in plain language, and the value of what you do becomes obvious immediately — that is your case study and your first testimonial.

04Package it simply: a one-time audit, plus an optional monthly retainer. The pitch is concrete and urgent: "Here is exactly how an attacker could compromise your AI coding workflow right now, and here is what it costs to fix it." Urgency plus specificity is what makes security services easy to sell, even for first-time consultants.

The window will not stay open long

Within a year, AI agent security will almost certainly become a standard line item — built into every major coding platform, audited by big consulting firms, taught in bootcamps. The companies funding AI cybersecurity startups already see this coming, which is exactly why the smart money is pouring in early. The same logic applies to individuals. The person who understands agentjacking deeply today, while it still has no official playbook, has a real head start over everyone who learns it next year when it is common knowledge.

You do not need permission to start. You need one sandbox environment, one weekend of focused learning, and three honest conversations with businesses who have no idea this risk exists yet. The opportunity is not hypothetical — it is sitting in nearly 2,400 companies' inboxes right now, most of which still do not know they were exposed. ■

Top News This Week

Americas

SpaceX just bought Cursor's parent company for $60 billion — and it's not really about coding

Build Fast With AI · June 23, 2026 · SpaceX's all-stock acquisition of Anysphere, maker of the AI coding tool Cursor, is now a week old and still settling. Cursor generates roughly $4 billion in annualized revenue. A joint coding model trained on xAI's Colossus infrastructure is reportedly already in development for both Cursor and a new product called Grok Build. The acquisition reads less like a coding tool purchase and more like SpaceX assembling a full AI stack to rival OpenAI and Anthropic directly.

Anthropic's newest model got pulled offline by the US government — then came back paywalled

Build Fast With AI · June 23, 2026 · Claude Fable 5 launched June 9 with a 13-day free window, but a Commerce Department export control directive forced it offline from June 12 to June 18 — meaning subscribers got only 4 to 5 free days instead of 13. As of today, June 23, Fable 5 moved to paid usage credits with no compensation announced for the lost time. A live example of why no business should build critical workflows on a single AI provider.

ChatGPT's market share just dropped below half for the first time ever

Industry tracking · June 2026 · ChatGPT's share of the global AI assistant market fell to 46.4%, with Google's Gemini climbing to 27.7% and Claude reaching 10.3%. ChatGPT still leads on raw users at 1.1 billion monthly actives, but Claude leads on the metric advertisers and investors watch closest: 13% of its users pay for a subscription, the highest conversion rate in the industry.

Asia & Global

The scientist who invented the architecture behind every major AI model just jumped to OpenAI

Build Fast With AI · June 22, 2026 · Noam Shazeer, co-author of the 2017 paper that introduced the Transformer architecture underlying GPT, Gemini, Claude, and virtually every modern AI system, announced on June 18 he is joining OpenAI as Lead for Architecture Research. He had been re-hired by Google for $2.7 billion in 2024 after co-founding Character.AI. The move signals OpenAI is doubling down on fundamental research as competition intensifies.

A US executive order is rewriting the rules for AI and cybersecurity — with a 30-day deadline already ticking

The White House · June 2, 2026 · A presidential order signed this month directs federal agencies to form an AI cybersecurity clearinghouse within 30 days, coordinating vulnerability scanning and patch distribution across government and industry. It explicitly frames AI-related cybersecurity as a national priority — reinforcing just how seriously governments are now treating the exact kind of risk that agentjacking represents.

Google just shipped its most capable model ever — and the timing could not be more pointed

AI Update · June 22, 2026 · Gemini 2.5 Pro with Deep Think reasoning mode launched today, arriving right as Anthropic's Fable 5 moves behind a paywall and Google faces pressure to deliver Gemini 3.5 Pro by its self-imposed June 30 deadline. Early benchmarks suggest it may be the most capable publicly available model from any lab right now.

Growth Requires Letting Go of the Wrong Work

The work that got you here won’t take you further.

Without support, it’s easy to stay stuck doing everything long after you’ve outgrown it.

Download Operator to Owner: How to Exit the Middle to learn how to refocus your time on the work that actually deserves you.

Download the Free Guide.

This Week's Top AI Funding Rounds

Sources: Build Fast With AI, AI Funding Tracker, Crunchbase, The White House, Radical Data Science, AIToolly, Intellizence. Data as of June 23, 2026. The AI Edge is independent. Product offers clearly labelled. No undisclosed paid placements.