IT News Roundup: Exchange Zero-Day, Grafana Breach, and Supply Chain Attacks - May 19, 2026
Microsoft Exchange Server zero-day exploited in the wild, Grafana Labs codebase stolen via GitHub token breach, Mini Shai-Hulud worm targets npm packages, PraisonAI vulnerability exploited within hours, and Google I/O 2026 kicks off today.
The past week has been dominated by active exploitation of critical vulnerabilities, a high-profile open-source code theft, and an escalating supply chain attack campaign. Below are the most significant stories for IT professionals and homelab operators to track.
Microsoft Exchange Server Zero-Day CVE-2026-42897 Actively Exploited in the Wild
Microsoft disclosed CVE-2026-42897 on May 14, a cross-site scripting (XSS) vulnerability in on-premises Exchange Server Outlook Web Access with a CVSS score of 8.1. An attacker can exploit this flaw by sending a specially crafted email to a user. If the recipient opens the email in OWA under certain interaction conditions, arbitrary JavaScript executes in the browser context.
The vulnerability has been added to CISA's Known Exploited Vulnerabilities (KEV) catalog, signaling confirmed active exploitation in the wild. Federal agencies and organizations following Binding Operational Directive (BOD) 22-01 are required to remediate by May 29, 2026. Microsoft has published emergency mitigation guidance for affected on-premises deployments.
Source: The Hacker News, Microsoft Tech Community
Grafana Labs Codebase Stolen in GitHub Token Breach — Extortion Refused
Grafana Labs confirmed on May 16 that an unauthorized party accessed its GitHub environment using a stolen access token, enabling threat actors to download the company's private source code. The breach was detected by a canary token — a security mechanism that alerts when sensitive credentials are accessed.
After exfiltrating the codebase, the attackers sent a ransom demand. Grafana Labs publicly refused to pay and disclosed the incident transparently. The company confirmed that the stolen token did not grant access to customer records or financial data, limiting the blast radius to source code exposure.
The incident underscores the importance of credential monitoring and canary token deployments for any organization managing private repositories. Homelab operators using Grafana should monitor for any signs of supply chain compromise in future releases.
Source: TechCrunch, BleepingComputer
Mini Shai-Hulud Worm Hits TanStack, Mistral AI, and UiPath npm Packages
On May 11, a self-replicating supply chain worm dubbed Mini Shai-Hulud compromised 84 npm package artifacts across 42 packages in the @tanstack namespace — one of the most widely used JavaScript ecosystems. The attack, attributed to the threat actor TeamPCP, spread laterally to affect projects including Mistral AI, OpenSearch, Guardrails AI, and UiPath through compromised build pipelines.
The worm operates by infiltrating developer environments and exfiltrating credentials from npm, GitHub, AWS, and Kubernetes configurations. In total, 160 npm and PyPI packages were poisoned, reaching multiple major AI and DevOps projects. The Session Protocol infrastructure was deliberately used in the campaign, suggesting a coordinated and sophisticated operation.
Snyk and other security vendors published remediation guidance. Organizations using TanStack or affected packages should audit their dependency trees and rotate any credentials that may have been exposed.
Source: The Hacker News, Snyk
PraisonAI Authentication Bypass Exploited Within Four Hours of Disclosure
CVE-2026-44338, an authentication bypass vulnerability in PraisonAI's legacy Flask API server (CVSS 7.3), became public on May 11. Within four hours, threat actors were already probing exposed PraisonAI instances. Scanners using the user agent CVE-Detector/1.0 targeted the /agents endpoint without authorization, attempting to access internal AI agent workflows.
The vulnerability stems from the framework shipping with authentication disabled by default on its legacy API server, effectively handing attackers unrestricted access to configured agent workflows. Sysdig and other researchers documented the rapid exploitation timeline, highlighting the growing trend of near-instant CVE weaponization driven by automated exploit frameworks.
Users of PraisonAI are urged to upgrade immediately and ensure authentication is explicitly enabled. The case serves as a stark reminder that open-source AI tools require the same security hygiene as any production-facing service.
Source: Sysdig, The Hacker News
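A log triage check for the probing described above, added here as an illustration and not taken from Sysdig's report or the PraisonAI project. It assumes a reverse proxy in front of the legacy API server writes access logs in Combined Log Format; the function name, the sample lines and the "2xx means the endpoint answered" heuristic are assumptions.

```python
import re
from collections import defaultdict

# Combined Log Format: ip - user [time] "METHOD path proto" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<ua>[^"]*)"$'
)
SCANNER_UA = "CVE-Detector/1.0"   # user agent named in the report
TARGET_PATH = "/agents"           # endpoint named in the report

def triage(lines):
    """Summarise /agents requests per source IP (hypothetical helper).

    Returns {ip: {"hits", "scanner_ua", "served"}}. "served" is True when any
    request got a 2xx, which is treated here (an assumption) as a sign that
    the endpoint answered without enforcing authentication.
    """
    report = defaultdict(lambda: {"hits": 0, "scanner_ua": False, "served": False})
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # skip lines that are not in the expected format
        # Normalise the path: drop the query string and any trailing slash.
        path = m["path"].split("?", 1)[0].rstrip("/") or "/"
        if path != TARGET_PATH:
            continue
        entry = report[m["ip"]]
        entry["hits"] += 1
        entry["scanner_ua"] |= SCANNER_UA.lower() in m["ua"].lower()
        entry["served"] |= m["status"].startswith("2")
    return dict(report)

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = """\
198.51.100.23 - - [11/May/2026:17:02:11 +0000] "GET /agents HTTP/1.1" 200 512 "-" "CVE-Detector/1.0"
198.51.100.23 - - [11/May/2026:17:02:12 +0000] "GET /agents/ HTTP/1.1" 200 512 "-" "CVE-Detector/1.0"
203.0.113.7 - - [11/May/2026:17:05:40 +0000] "GET /agents?x=1 HTTP/1.1" 401 0 "-" "curl/8.5.0"
192.0.2.10 - - [11/May/2026:17:06:01 +0000] "GET /health HTTP/1.1" 200 2 "-" "kube-probe/1.29"
""".splitlines()

if __name__ == "__main__":
    for ip, summary in triage(SAMPLE_LOG).items():
        print(ip, summary)
```

A source with `served` set to True is the one to investigate first, since the instance returned content for `/agents` rather than rejecting the request.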
Microsoft May 2026 Patch Tuesday Addresses 120+ Vulnerabilities
Microsoft's May 2026 Patch Tuesday delivered security updates for over 120 vulnerabilities across Windows, Office, Azure, developer tools, and Microsoft 365. The release included 29 remote code execution (RCE) flaws rated Critical, with no zero-days disclosed this cycle. Key highlights include elevation of privilege vulnerabilities in Win32k (CVE-2026-33840) and the Windows Kernel (CVE-2026-33841).
However, the Windows 11 update (KB5089549) has been reported to fail installation on some systems, triggering error code 0x800f0922. Microsoft has confirmed the issue and stated that a full resolution is in development. Affected users are advised to apply published workarounds or defer the update until a fix ships.
Source: BleepingComputer, Cybersecurity News
Fortinet Patches Critical RCE in FortiAuthenticator (CVE-2026-44277)
Fortinet published advisories for CVE-2026-44277, an improper access control vulnerability in FortiAuthenticator with a CVSS score of 9.1. The flaw allows an unauthenticated remote attacker to execute arbitrary code or commands via crafted requests. Multiple product versions are affected, including the 8.0.x, 6.6.x, and 6.5.x release lines.
The vulnerability was disclosed alongside patches for critical flaws in FortiSandbox and FortiSandbox Cloud. Organizations deploying FortiAuthenticator for identity and access management should prioritize patching, as the remote code execution path requires no authentication.
Source: FortiGuard Labs, The Hacker News
Google I/O 2026 Keynote Begins Today — Gemini AI and Agentic Coding in Focus
Google I/O 2026 kicks off today with its main keynote, expected to feature major announcements across Gemini AI, Android, Chrome, and Google Cloud. Google has teased updates to agentic coding capabilities and the latest Gemini model improvements. The two-day developer conference runs May 19-20 and is available for live streaming.
The event arrives amid a broader AI infrastructure arms race — Google recently committed up to $40 billion in investment in Anthropic, locking in 5 gigawatts of TPU compute capacity. Expect I/O to reveal how Google plans to compete across both consumer AI products and enterprise infrastructure.
Source: Google Developers Blog, Android Police