← Back to Blog
Security Briefing4 min read2026-04-21

Security Briefing, April 21 2026: SGLang RCE, Microsoft Teams Impersonation, and ZionSiphon OT Malware

This morning’s threat picture is about trusted workflows turning hostile. AI model serving can become remote code execution, collaboration tools are now social-engineering launchpads, and OT malware is getting closer to real-world utility sabotage.


Top line: Three signals matter today: AI infrastructure is part of the attack surface, collaboration platforms are being used for human-layer intrusion, and OT-focused malware keeps inching toward physical-world disruption.


1. Critical SGLang flaw turns malicious GGUF files into remote code execution

The Hacker News highlighted CVE-2026-5760, a critical command-injection issue in SGLang’s reranking endpoint. A specially crafted GGUF model file can trigger arbitrary code execution in the context of the SGLang service. If your AI stack imports, tests, or serves third-party model artifacts, that is not a niche problem, it is a production problem.


2. Microsoft says Teams is increasingly abused for helpdesk impersonation attacks

BleepingComputer reported that attackers are abusing external Microsoft Teams collaboration and then leaning on legitimate admin tools for access and lateral movement. This works because employees already expect chat-based support interactions, especially in distributed companies where the helpdesk is partly remote and partly outsourced.


3. ZionSiphon shows OT malware is still probing water-sector operations

The Hacker News also covered ZionSiphon, malware observed targeting Israeli water treatment and desalination systems with persistence, local tampering, OT service scanning, and sabotage-oriented logic around chlorine and pressure controls. It is reportedly unfinished, which is exactly why defenders should care now, before a rough tool matures into a reliable one.


What security teams should do today

  1. Inventory any SGLang usage, especially exposed inference or reranking services, and patch or isolate first.
  2. Review Teams federation, external chat policies, and recent helpdesk-style conversations for impersonation signals.
  3. Ask OT and facilities teams whether water, utility, or industrial environments have recent controller, subnet, or USB anomalies.
  4. Brief leadership on the common thread: trusted workflows, not just edge systems, are now the frontline.

Bottom line: Bottom line: today’s attackers are not just breaking in through obvious holes. They are riding model files, chat workflows, and operational tooling that defenders still treat as familiar and safe. That assumption needs to die.

Find the trust breaks before they become incidents

KENSAI helps teams surface exposed attack paths across cloud, collaboration, AI, and internet-facing systems before those weak links turn into breaches.

Free Scan →

Stay sharp.

🗡️ KENSAI Security Team