Wednesday War Room – 05/20/2026

Attackers are not choosing one lane. They are taking the whole road.

Author

J.W. Croley
May 20, 2026

In partnership with

2026 State of AEO Report

A year ago, most marketers weren't thinking about AI search. Now it's one of the fastest moving channels in the industry and nobody has a playbook yet.

So we built one. We surveyed hundreds of marketers to find out how they're approaching answer engine optimization, where they're investing, what's actually working, and what isn't.

The result is the 2026 State of AEO Report. Real data. Real strategies. A clear picture of where AI search is headed and how to get ahead of it.

Over the last 48 hours, the theme is painfully clear: developer trust, web platforms, AI infrastructure, and identity-heavy systems are all getting worked at the same time.

Let’s dive in.

GitHub Confirms Internal Repository Breach

Risk Level: Critical

Business Impact: Source code exposure can reveal internal architecture, development practices, secrets-handling patterns, and potential paths for follow-on supply chain attacks.

What You Need to Know

GitHub confirmed that roughly 3,800 internal repositories were breached after an employee installed a malicious VS Code extension, with TeamPCP claiming access to GitHub source code and internal orgs. GitHub says it has no evidence of impact to customer repositories outside internal repos, but the incident is still a major reminder that trusted developer tooling can become a breach path, according to BleepingComputer’s GitHub breach report and Help Net Security’s summary.

Why This Matters

  • Developer extensions now sit inside the trust boundary of source code, tokens, and build workflows.

  • Internal source exposure gives attackers a roadmap for future targeting.

  • “No customer impact” today does not mean “no downstream risk” tomorrow.

Executive Actions

🧩 Enforce extension allowlisting for developer workstations and block unapproved marketplaces.

🔑 Rotate repo, CI/CD, and developer tokens exposed to high-risk dev environments.

🧱 Require signed commits, branch protections, and workflow-change approvals.

🕵️ Monitor for unusual extension installs, unexpected repo access, and abnormal build activity.

Drupal Emergency Core Update Warns Exploits May Arrive Within Hours

Risk Level: Critical

Business Impact: Vulnerable Drupal sites can become rapid targets for webshells, data theft, credential harvesting, and brand-damaging defacement.

What You Need to Know

Drupal scheduled an urgent core security release for May 20 and warned administrators to reserve update time because exploit development could happen within hours or days of disclosure. The issue affects Drupal core versions 8 and later, with admins urged to update supported branches and plan hotfixes for older 8/9 deployments, according to BleepingComputer’s Drupal update warning and SecurityWeek’s exploitation-risk coverage.

Why This Matters

  • Drupal is common in government, education, healthcare, and large enterprise sites.

  • CMS flaws move from disclosure to mass scanning extremely fast.

  • End-of-life Drupal deployments create business risk because normal patch paths may not exist.

Executive Actions

🩹 Patch Drupal core immediately once the release is available and validate the deployed version.

🌐 Inventory all Drupal sites, including old campaign sites, microsites, and “forgotten” portals.

🔎 Hunt for webshells, suspicious uploads, new admin users, and unexpected PHP execution.

🧱 Restrict admin access and add WAF rules while patching is underway.

ChromaDB “ChromaToast” Pre-Auth RCE Can Lead to Server Takeover

Risk Level: Critical

Business Impact: Vector database compromise can expose API keys, environment variables, mounted secrets, model data, and sensitive AI application context.

What You Need to Know

Researchers disclosed CVE-2026-45829, also called ChromaToast, an unpatched ChromaDB vulnerability that can be exploited remotely without authentication by abusing trusted Hugging Face model identifiers before auth checks complete. The flaw can spawn a shell and leak sensitive server data, according to SecurityWeek’s ChromaDB server takeover report.

Why This Matters

  • Vector databases increasingly sit next to sensitive prompts, embeddings, and app secrets.

  • Pre-auth RCE in AI infrastructure creates immediate risk to downstream apps and connected services.

  • “AI stack” does not mean “safe stack.” It still needs normal exposure control and runtime monitoring.

Executive Actions

🔒 Remove public exposure from ChromaDB instances immediately and require authenticated private access.

🔑 Rotate API keys and environment secrets accessible from affected servers.

🕵️ Hunt for unexpected Hugging Face model pulls, shell activity, and outbound callbacks.

🧱 Segment AI data stores away from production secrets and privileged cloud identities.

Leadership Insight:

This week is the uncomfortable version of the modern threat model:
Trusted tooling is becoming the delivery mechanism.

GitHub extensions, Drupal sites, vector databases, Exchange mailboxes, signed binaries, and image-based payload delivery all rely on the same core weakness: systems and users trusting familiar formats, familiar platforms, and familiar workflows.

The executive takeaway is simple: if a tool can run code, store secrets, authenticate users, or shape business communication, it is not “supporting infrastructure.” It is part of the security boundary.

Real-World Ads, Simple to Run

With AdQuick, executing Out Of Home campaigns is as easy as running digital ads. Plan, deploy, and measure your real-world advertising effortlessly — so your team can scale campaigns and maximize impact without the headaches.

Microsoft Exchange Zero-Day Under Attack With No Patch Available

Risk Level: Critical

Business Impact: Exchange OWA compromise can expose mailboxes, session tokens, mailbox settings, and internal communications used for follow-on phishing.

What You Need to Know

Microsoft disclosed an actively exploited Exchange Outlook Web Access zero-day, CVE-2026-42897, but customers were still awaiting a patch as of the latest reporting. The XSS flaw can execute arbitrary JavaScript in the OWA browser context when a user opens a crafted email under certain conditions, potentially exposing mailbox access and session tokens, according to Dark Reading’s Exchange zero-day report.

Why This Matters

  • OWA is a high-value access path because email is still the center of business trust.

  • No patch available means mitigations and monitoring matter immediately.

  • Mailbox compromise quickly becomes internal phishing, invoice fraud, and identity abuse.

Executive Actions

🧯 Apply Microsoft temporary mitigations and restrict OWA exposure where feasible.

🔐 Strengthen conditional access, session controls, and step-up verification for webmail.

🕵️ Hunt for suspicious mailbox access, new forwarding rules, and mailbox setting changes.

📣 Warn users about crafted email risks and prioritize exec/admin/finance mailboxes for monitoring.

PureLogs Infostealer Hides Payloads Inside Cat Photos

Risk Level: High 

Business Impact: Infostealer infections can expose browser cookies, passwords, crypto wallets, VPN configs, authenticators, and enterprise sessions for follow-on compromise.

What You Need to Know

Fortinet researchers found a phishing campaign delivering PureLogs through invoice-themed emails that contain a TXZ archive, then use JavaScript, hidden PowerShell, a loader called PawsRunner, and steganography to extract encrypted payloads from PNG cat images. The final infostealer harvests credentials and session data from browsers, password managers, crypto wallets, communication apps, VPN tools, and Outlook, according to Help Net Security’s PureLogs report.

Why This Matters

  • Infostealers are one of the fastest paths from one endpoint to many accounts.

  • Session cookies and tokens often bypass the protections users think MFA provides.

  • Steganography and legitimate file formats complicate detection and user awareness.

Executive Actions

🧠 Brief users on invoice-themed archive lures and block high-risk archive types where possible.

🔎 Hunt for hidden PowerShell, unusual TXZ/archive execution, and suspicious PNG retrieval behavior.

🔐 Invalidate sessions and rotate passwords for affected users, not just remove malware.

🧱 Reduce local admin rights and restrict script execution from user-writable paths.

Microsoft Disrupts Fox Tempest Malware-Signing Service

Risk Level: High 

Business Impact: Signed malware can bypass trust-based defenses and make ransomware, loaders, and stealers appear legitimate long enough to execute.

What You Need to Know

Microsoft disrupted Fox Tempest, a malware-signing-as-a-service operation that abused Microsoft Artifact Signing to create short-lived code-signing certificates for malware disguised as legitimate software. Microsoft revoked more than 1,000 certificates and linked the service to ransomware families including Rhysida, Inc, Qilin, and Akira, according to SecurityWeek’s Fox Tempest disruption coverage.

Why This Matters

  • Code signing is a trust signal attackers are actively monetizing.

  • “Signed” does not mean “safe,” especially when certificate abuse is industrialized.

  • This directly supports ransomware delivery and evasion at scale.

Executive Actions

🛡️ Review application control policies so signed binaries are not automatically trusted.

🔎 Alert on newly signed executables from unusual publishers or unexpected certificate chains.

🧾 Validate software distribution paths and approved installer sources.

🧯 Treat suspicious signed binaries as incident-worthy, not “probably fine.”

⚙️ Immediate Leadership Checklist ⚙️

🧩 Enforce developer extension allowlisting and review VS Code/IDE extension inventories

🩹 Prioritize Drupal core patching and inventory forgotten CMS deployments

🤖 Lock down AI infrastructure like ChromaDB: private access, secret rotation, egress monitoring

📧 Apply Exchange mitigations and increase OWA/mailbox anomaly monitoring

🔐 Treat infostealer cases as identity incidents: kill sessions, rotate creds, review tokens

🛡️ Harden application control policies so “signed” does not automatically equal “trusted”

💡 If your security strategy still trusts extensions, signed binaries, and “just an image file” by default, attackers would like to thank you for keeping the door politely unlocked. 💡

J.W.

(P.S. Check out our partners! It goes a long way to support this newsletter!)

Turn AI into Your Income Engine

Ready to transform artificial intelligence from a buzzword into your personal revenue generator

HubSpot’s groundbreaking guide "200+ AI-Powered Income Ideas" is your gateway to financial innovation in the digital age.

Inside you'll discover:

  • A curated collection of 200+ profitable opportunities spanning content creation, e-commerce, gaming, and emerging digital markets—each vetted for real-world potential

  • Step-by-step implementation guides designed for beginners, making AI accessible regardless of your technical background

  • Cutting-edge strategies aligned with current market trends, ensuring your ventures stay ahead of the curve

Download your guide today and unlock a future where artificial intelligence powers your success. Your next income stream is waiting.