Security briefing: February 2026

Sysdig Threat Research Team's February summary details how AI is accelerating attacks and compressing kill chains, highlighting active exploitation of a critical BeyondTrust RCE (CVE-2026-1731), supply-chain and RCE issues in Cline CLI/OpenClaw (CVE-2026-25253), a Vidar infostealer harvesting tokens and API keys, an AI-assisted compromise of 600+ Fortinet devices across 55 countries, and a large French data breach (FICOBA) stemming from stolen privileged credentials; the report emphasizes maintaining fundamentals—patching, credential hygiene, token rotation, inventory and active detection—to mitigate rapidly weaponized threats.