
SANS Stormcast Wednesday, May 13th, 2026: Microsoft Patch Tuesday; Large npm/pypi Compromise; Rubygems Attack
Hello and welcome to the Wednesday, May 13, 2026 edition of the SANS Internet Storm Center Stormcast. My name is Johannes Ullrich, recording today from San Diego, California, and this episode is brought to you by the SANS.edu Graduate Certificate Program in Cybersecurity Leadership. Well, today: Microsoft Patch Tuesday. So let's start with a quick summary here. We got a total of 137 vulnerabilities being addressed by Microsoft. Now, this is quite a large number, but in addition to this we actually also got 127 Chromium vulnerabilities being addressed in Microsoft Edge. Now, when it comes to the Microsoft vulnerabilities, so the 137, you had 30 critical ones here; that's a fairly large number compared to what we saw in the past. But 14 of these 30, so pretty much half of them, do not require any customer action because these vulnerabilities are in Microsoft cloud systems, and as such of course there's nothing you have to do. Microsoft already took care of these for you. Now, among the remaining critical vulnerabilities, there are a couple of things that caught my eye. One that I actually haven't listed in the diary is one in Outlook. That's a remote code execution vulnerability that could be triggered by just previewing an email, so no attachment that you need to open. There is also a vulnerability in the Microsoft single sign-on plugin for Jira and Confluence. Given all the news we had about supply chain issues and such, that's certainly something to watch out for. The other one that I thought was kind of interesting was a remote code execution vulnerability in Netlogon. Now, the Netlogon service has always been sort of a big target. Definitely something where, as I posted in the diary, it's worth spending some AI tokens to come up with a good exploit, at least from an attacker's point of view. So definitely get them patched. On sort of the good news side here, none of the vulnerabilities that were patched this round are already being exploited or disclosed.
So essentially no zero days this month. Well, usually on Patch Tuesday we heavily focus on patches from various vendors, and well, the urgency here is always: patch, patch quickly. Today's podcast is a little bit different because, well, supply chain attacks appear to be escalating. Socket.dev has a blog post with the latest series of what they call Mini Shai-Hulud, sort of part of that Team PCP. So these attacks have escalated extremely over the last couple of days across both npm and PyPI. So both JavaScript and Python are affected here. Initially there were 84 compromised packages of TanStack. TanStack has millions of downloads, so it's one of the very popular npm packages. But sadly, well, it didn't stay with TanStack. We then immediately got additional packages being affected here, and I'm just scrolling through some of them: misterally, and OpenSearch. OpenSearch is one of the real big ones here that got affected, particularly when it comes to npm. Guardrails AI, another big package. A lot of squawk packages got affected by this latest set of attacks. So we literally have dozens and dozens of packages being compromised, and more being added all the time because, well, what the compromise does then is it actually exfiltrates more credentials from more GitHub repositories, more GitHub accounts are being compromised, and well, with that the attack is just spreading. Apparently the initial entry point here when it comes to TanStack was a GitHub Action where a malicious actor submitted a pull request, and then the GitHub Action basically sort of ran through the usual checks of the pull request, which also included running the code. And in doing so some of the credentials here were compromised, and that then led to the compromise of TanStack. There are also some versions of these supply chain compromises in the last few days where the attacker exfiltrated or assigned themselves malicious tokens, and with these credentials then basically spread more malicious code.
But they also then put a little time bomb into the developer systems that basically wipes the system if the developer does attempt to actually revoke those tokens. So be careful if you're affected by any of this. And I have seen some reputable sources recommend not patching any, in particular npm, packages for the next couple of days. Maybe that should be extended to PyPI. Personally I'm always a little bit ambivalent about this, but you definitely have to be careful, and well, basically read in particular the Socket.dev blog post, which has a lot of hints on, first of all, how to secure yourself better and how to detect if you're affected by this most recent compromise. But sadly, well, it's not just npm and Python that are affected by these types of attacks. There's also a separate wave of attacks apparently hitting Ruby. RubyGems announced that they are currently pausing signups for new accounts because they're flooded, as a post on X states, by hundreds of malicious packages. Some attacks against regens, but also some just containing outright malicious code and exploits. So that's why they basically just paused submissions, paused new signups for now, in order to deal with filtering and basically defending against these attacks they're currently seeing. So in short, well, that's why you should be careful for at least the next couple of days, but probably going forward, with updating software components. And for now, if there's no urgent vulnerability that you need to address, you should probably just stick with the version that you have right now. Again, this affects at least npm and PyPI, but as we see with RubyGems, there are other languages also being affected by these types of attacks. And it's not just Team PCP and the Mini Shai-Hulud kind of attacks, but there's a variety of different attacks going on. Those are just the big ones that sort of make the news.
Well, this is it for today. So thanks for listening, thanks for liking, thanks for subscribing, and thanks for any feedback about the content that I've sort of received over time for this podcast. Always really helpful and very much appreciated. So thanks, and talk to you again tomorrow. Bye.
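The TanStack entry point described in the episode, a pull-request check workflow that ran the contributor's code in a context where credentials were reachable, is a pattern worth showing in configuration. The following is an added example for this page; it is not a workflow from TanStack, Socket.dev, or the podcast, and the episode does not state which trigger or secret was involved. It assumes the common misconfiguration of a `pull_request_target` trigger combined with checking out the PR head and exposing a publish token (`NPM_TOKEN` is a constructed secret name), and contrasts it with a test workflow that gives fork PRs no secrets and a separate, tag-driven publish workflow that uses OIDC trusted publishing instead of a long-lived token.

```yaml
# WEAK (constructed example): untrusted PR code runs with repository secrets in reach.
# `pull_request_target` executes in the base repository's context, so `secrets.*`
# are available; checking out the PR head then runs whatever the contributor pushed.
name: ci-weak
on:
  pull_request_target:
    types: [opened, synchronize]
permissions: write-all
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}   # contributor-controlled code
      - run: npm ci && npm test        # lifecycle scripts and tests from the PR run here...
        env:
          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}   # ...with a publish token in the environment
---
# HARDENED: PR checks run without secrets; publishing is a separate, gated workflow.
# With `pull_request`, a PR from a fork receives a read-only GITHUB_TOKEN and no
# repository secrets, so code that runs during the check has nothing to exfiltrate.
name: ci
on:
  pull_request:
permissions:
  contents: read
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4      # pin to a full commit SHA in production (placeholder: @v4)
      - uses: actions/setup-node@v4
        with:
          node-version: 22
      - run: npm ci --ignore-scripts   # do not let dependency install scripts run unattended
      - run: npm test                  # still untrusted code, but no credentials to steal
---
# Publishing only from a protected tag push, reviewed via an environment rule,
# and authenticated with a short-lived OIDC token (assumes npm trusted publishing
# is configured for this package) rather than a stored NPM_TOKEN.
name: publish
on:
  push:
    tags: ['v*']
permissions:
  contents: read
  id-token: write                      # needed for OIDC-based trusted publishing
jobs:
  publish:
    runs-on: ubuntu-latest
    environment: release               # environment protection: required reviewers
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 22
          registry-url: https://registry.npmjs.org
      - run: npm ci --ignore-scripts
      - run: npm publish --provenance  # attaches build provenance to the published version
```

The split matters more than any single setting: a check that runs contributor code must have nothing worth stealing, and the job that can publish must never be reachable from a pull request. If a workflow genuinely needs `pull_request_target` (for example to label PRs), keep it to a job that never checks out or executes PR code.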
Date: May 13, 2026
Host: Johannes B. Ullrich
Main Theme:
This episode reviews a particularly significant Microsoft Patch Tuesday, highlighting over 130 vulnerabilities, and investigates a rapidly escalating series of major supply chain attacks affecting npm, PyPI, and RubyGems open source package repositories.
Timestamps: 00:23 – 02:06 (Microsoft Patch Tuesday)
  - Large Number of Vulnerabilities Patched
  - Key Critical Vulnerabilities Highlighted
  - Zero Day Status
Timestamps: 02:07 – 04:42 (npm/PyPI Supply Chain Compromise)
  - Scale and Spread of Attacks
  - Propagation Mechanism
  - Attackers' Tactics
  - Recommended Resources
Timestamps: 04:43 – 05:20 (RubyGems Attack)
  - Waves of Malicious Packages
  - Response Measures
"That's a remote code execution vulnerability that could be triggered by just previewing an email, so no attachment that you need to open."
— Johannes B. Ullrich (01:00)
"The attack is just spreading."
— Johannes B. Ullrich on supply chain compromises (02:55)
"Personally I'm always a little bit ambivalent about this, but you definitely have to be careful ..."
— Johannes B. Ullrich on whether to delay updating npm/PyPI packages (03:47)
In summary:
This episode emphasizes immediate concerns arising from supply chain attacks that are rapidly compromising software ecosystems, while balancing Patch Tuesday’s traditionally urgent message with careful, informed action in the open-source space. Caution, vigilance, and timely, validated updates are the order of the day.