February has proven that the greatest threat to your organisation isn’t a vulnerability in your firewall, it’s the weaponisation of the trust you place in your internal tools and staff. From AI coding assistants to accidental law enforcement data leaks, the defining trend is clear. Identity and access are the new zero day.
If you’re a cybersecurity leader in an SME, February likely felt like a pivot point. The landscape has shifted from passive compliance to active operational risk. And none of this month’s major incidents targeted enterprise giants. The Dutch Police breach and the mid-market LinkedIn campaign confirm that size is no longer a defence, operational trust is.
1. Critical Infrastructure & Supply Chain
The Clinejection Watershed & The ICT Toolbox
On February 13th, the European Commission officially launched the ICT Supply Chain Security Toolbox, the operational playbook for the revised Cybersecurity Act 2.0. This is the regulatory framework that will define how you evidence supply chain risk for the next three years.
Four days later, on February 17th, the first major “Agentic AI” supply chain attack struck the developer community, proving the timing could not have been more pointed.
Your Sector
- Financial services: The ICT Toolbox maps directly to your third party ICT risk requirements. A compromised vendor in your build pipeline is a reportable incident under DORA.
- Healthcare / SaaS: Any AI coding assistant with access to your codebase and data schemas is a supply chain risk under NIS2 and GDPR. If it’s not on your approved tool list, it’s an unmanaged exposure.
- Legal / Government contracts: Client data sovereignty clauses and government contract security schedules are increasingly asking for the “geopolitical country of origin” of developer tools. This is now an audit question.
Cline CLI (v2.3.0), an AI-powered coding assistant used by thousands of developers, was compromised on February 17th. Attackers used a prompt injection flaw in GitHub’s automated triage system to steal internal tokens and push malicious code downstream.
- Attack vector: Prompt injection via GitHub’s automated triage system to steal privileged tokens.
- Pivot technique: GitHub Actions cache poisoning moved the attack from a public issue to a high privileged production environment.
- Scale: A single malicious issue title was sufficient to influence an automated build pipeline reaching thousands of developers.
- Detection gap: The entire attack occurred within trusted automated systems, no human action triggered the breach.
Why this matters
Under NIS2, you must now prove you have evaluated the “autonomy risks” of your AI tools, not just their functionality. Relying on a vendor’s assurance reports is no longer sufficient for regulatory defensibility. A vendor can be fully compliant today and compromised tomorrow.
Your Third Party Assurance programme must account for the continuous, autonomous nature of AI agents in your supply chain.
Secora’s Third Party Assurance Assessments verify that your partners, and the AI agents they deploy, meet European sovereignty and NIS2 standards. If you haven’t audited your CI/CD pipeline’s third party dependencies this quarter, that audit is overdue.
2. The New Perimeter (Identity & Trust)
The Administrative Pivot: When Process Failures Become Criminal Cases
This month observed two distinct but connected identity threats including administrative errors that escalated into criminal investigations, and AI-powered social engineering campaigns that bypassed every technical defence by targeting human trust instead.
The Dutch Police Incident
On February 12th, a man was arrested in the Netherlands after police accidentally sent him a download link instead of an upload link for evidence. When he refused to delete the confidential files and demanded a reward, he was charged with computer trespassing.
The significance for your organisation is not the criminality, it is the mechanism. Under the modern EU legal and regulatory framework, intent is secondary to the actions taken once access is gained. A single misconfigured link triggered a national level data breach report and a criminal investigation. Your administrative workflows carry the same risk.
The LinkedIn Long Con Campaign
We observed a rise in sophisticated campaigns where AI-generated profiles build genuine professional rapport over multiple days before sending “project briefs” containing info-stealers. By the time the file arrives, the target’s psychological guard is completely down and the file is opened despite standard security warnings appearing. These attacks don’t look like attacks. They look like business opportunities.
Your Sector
- All regulated sectors: Under GDPR, a breach caused by a workflow error such as a wrong link or a misdirected email, carries the same 72 hour notification obligations as a targeted malware attack. Your data protection risk is not only adversarial. It is operational.
Secora’s Adversary Simulation Testing and Simulated Phishing Attacks replicate these long con tactics in a controlled environment. Simulation is the only way to build genuine resilience, awareness training alone will not stop an attack that looks like a legitimate business conversation.
3. From Malware to Manipulation
PayPal, Shadow AI and the Governance Gap
On February 22nd, PayPal confirmed a credential stuffing breach in which attackers accessed accounts, reset passwords and stole funds. The immediate lesson is password hygiene. The deeper lesson is that your organisation’s risk profile is increasingly tied to the security behaviour of your end users, behaviour your current tooling cannot see or govern.
Simultaneously, staff across every sector are using Shadow AI such as ChatGPT, Copilot and internal LLMs, to query sensitive data and summarise confidential documents without formal approval. This is happening in your organisation right now. The question is not whether to address it, but how quickly.
Your Sector
- Financial services / Legal: Querying client financial data or privileged documents through an unapproved LLM may constitute a third party data transfer under your regulatory framework. Audit logging is now a compliance requirement, not a best practice.
The Resilience Gap
Attackers are exploiting Shadow AI through Re-Prompting through crafting layered queries designed to exhaust an AI agent’s context window, forcing the model to ignore safety instructions and surface sensitive data. Most organisations have no audit logging on what staff are querying through AI tools, meaning there is no way to know if this vector has already been exploited.
Actionable Fix
Establish a formal Approved Tool List for LLMs, paired with data classification policies that define what can and cannot be queried through each tool.
Implement semantic guardrails on any AI agent with read/write database access, these are privileged actors and must be governed as such. Without audit logging, your AI assistants are functioning as unmonitored backdoors.
4. The February ‘Fix List’
If you haven’t patched these by the end of the month, your environment is at elevated risk. The MDM and browser entries are particularly critical given the identity and session hijacking attacks described above.
- Ivanti Endpoint Manager (EPMM): CVE-2026-1281, a critical MDM zero vday. Patch immediately.
- NPM/Cline Cline CLI (v2.3.0): Supply Chain Compromise. Update to v2.4.0 and audit environment.
- Google Chrome / Chromium: CVE-2026-2441 a critical RCE. Update all endpoints immediately.
- PayPal User Accounts: Credential Stuffing. Force password resets for users with reused credentials.
5. Your March Priority List
We know most of you are managing this alongside a dozen other responsibilities, without a dedicated security team. These three priorities are not a to-do list, they are the starting points for a focused conversation about where your exposure is greatest.
Priority 1: Supply Chain
The Cline attack proved that any AI tool with privileged access to your environment is a supply chain risk, regardless of how reputable the vendor was yesterday.
A Third Party Assurance Assessment maps every vendor and AI agent with system access, evaluates their autonomy risks, and builds the documented evidence trail your regulators are beginning to require. It also provides the answer when a client or auditor asks about supply chain governance.
Priority 2: Identity Resilience
MFA is the bare minimum, not the finish line.
A Cybersecurity Maturity Assessment focused on Identity Threat Detection & Response (ITDR) identifies whether your organisation can detect and respond to session hijacking, credential stuffing and rapport based compromise. The output gives you documented evidence of due diligence to present to your board, regulators or enterprise clients.
Priority 3: Operational Response
Recovery speed is the only metric that matters when a vendor, AI tool, or key system goes offline. Crisis Management Exercises test your leadership team’s decision-making under pressure before a real incident forces the question. They also generate the documented response capability that regulators under NIS2 and DORA are increasingly expecting to see evidenced at audit.
From Reaction to Readiness
The perimeter is gone. The firewall still matters, but the real attack surface in 2026 is the web of trust your organisation depends on including trusted vendors, trusted tools and trusted colleagues. Security must be woven into how your business operates, not bolted on when an audit or a client demand forces the issue.
The organisations that navigate this well are not the ones with the biggest budgets. They are the ones with the clearest picture of where they are exposed. Before you book a call, ask yourself, can you show your board documented evidence of how you would respond if a key vendor was compromised tomorrow? If the answer is uncertain, or if any section of this briefing made you wonder “are we covered on that?”, that question is worth answering now.
We offer a no-obligation initial conversation to help you identify your most pressing priorities across compliance, identity and supply chain risk. No 50 page report. No generic audit. Just clarity, tailored to your sector and your team’s real constraints.
Interested in finding out more? Book a call with our team through the form below.