Daily Threat Briefing – May 18, 2026

Critical, high-impact threats are actively being exploited across web, email, and software-supply-chain infrastructure: NGINX CVE-2026-42945 (heap buffer overflow, CVSS 9.2) and Microsoft Exchange CVE-2026-42897 are under active attack, a TanStack npm/PyPI supply-chain compromise has led to credential theft at OpenAI and other firms, Cisco SD‑WAN has an unauthenticated admin bypass with a CISA federal patch mandate, and WooCommerce payment skimming plus extortion against education platforms are ongoing — immediate patching, credential rotation, audits, and incident response activation are recommended.