May 2026 was a dense month for connected infrastructure security. Multiple high-severity vulnerabilities, active exploitation campaigns, a new ICS malware toolkit on the dark web, and the most authoritative government guidance yet on AI in OT all landed within a four-week window. For organizations managing smart offices, building automation systems, or industrial control environments, the month produced several developments that require direct operational response.

Here is a summary of the eight most significant developments and what each means for connected office and OT security programs.


1. Routers Are Now the Highest-Risk Device Category in Enterprise Networks

Research published at the start of May named routers the single most dangerous connected device category in enterprise environments, averaging 32 vulnerabilities per device and accounting for roughly one-third of all critical vulnerabilities found across corporate infrastructure.

The more significant finding for smart office teams is what entered the riskiest device list for the first time in 2026: power distribution units, I/O modules, BACnet routers, serial-to-IP converters, and RFID readers — all standard components in smart building deployments. Forty percent of device categories on the 2026 riskiest list were absent two years ago, and 75% were not on the list in 2024.

What it means: Organizations that built connected office infrastructure on the assumption that building automation components carry lower security risk than IT equipment need to revisit that assumption. PDUs, BACnet routers, and RFID readers are now documented high-risk categories, and security programs that don’t cover them are operating with a blind spot.


2. Interlock Ransomware Exploited a CVSS 10.0 Cisco Zero-Day for Weeks Before Disclosure

CVE-2026-20131 in Cisco Secure Firewall Management Center is a Java deserialization vulnerability with a CVSS score of 10.0 — the maximum. An unauthenticated attacker with network access to the FMC management interface can execute arbitrary Java code as root.

The Interlock ransomware group began exploiting this vulnerability on January 26, 2026, more than a month before Cisco’s public disclosure. During that window, Interlock deployed memory-resident web shells, custom JavaScript and Java remote access trojans, and used ConnectWise ScreenConnect for persistent access. Post-compromise, the group exploited Active Directory Certificate Services using the Certify tool to maintain persistence that survives password resets.

What it means: Organizations running Cisco FMC should treat this as an emergency patching priority, hunt for indicators of prior compromise, audit AD CS for fraudulent certificates, and review ScreenConnect deployments for unauthorized instances. The management plane of security infrastructure is a primary target — not an administrative tool outside the threat model.


3. Two Botnet Campaigns Target Industrial Routers

May produced two active botnet campaigns against widely deployed router hardware in OT and office contexts.

CVE-2024-9643 in Four-Faith F3x36 Industrial Cellular Routers — CVSS 9.8 — allows full administrative control without authentication. Active botnet exploitation began May 12. A compromised Four-Faith router in an OT field deployment sits between PLCs, RTUs, and sensors and the upstream network, giving the attacker visibility into industrial control traffic and the potential ability to interact with production systems.

CVE-2018-5999 in ASUS AsusWRT routers — a vulnerability from 2018 — was re-weaponized by the RondoDox botnet starting May 17. An eight-year-old vulnerability being actively exploited in 2026 is a consistent finding in connected device security: devices with low patch rates accumulate long-unpatched vulnerabilities that remain exploitable indefinitely.

What it means: Audit industrial cellular router inventory for Four-Faith devices and check firmware currency. Review ASUS router deployments — particularly older devices — and apply CVE-2018-5999 patches. Management interfaces for industrial routers should not be internet-accessible; if they are, restrict them immediately.


4. VoltRuptor ICS Malware Available on Dark Web Markets

A sophisticated ICS and SCADA malware toolkit called VoltRuptor, attributed to the Infrastructure Destruction Squad, is being sold through dark web channels. The toolkit supports multiple industrial protocols, includes persistence mechanisms designed for OT environments, and incorporates anti-forensics capabilities.

The commercial availability of sophisticated ICS attack capability changes the threat model for industrial environments. Attacks on industrial control systems have historically required nation-state-level technical expertise; a commercial toolkit lowers that barrier to any buyer with sufficient funds and motivation.

What it means: The population of actors capable of mounting credible attacks against OT infrastructure is expanding. Security programs calibrated only to nation-state threats and commodity ransomware should account for a third category: commercially capable actors with diverse motivations who now have access to purpose-built ICS attack tooling.


5. CVE-2026-32746 — Telnet RCE Before the Login Prompt

CVE-2026-32746 is a pre-authentication remote code execution vulnerability in GNU Inetutils telnetd, scoring 9.8 Critical. An unauthenticated attacker can achieve root-level code execution during the TCP connection handshake — before any login prompt is presented. All versions of GNU Inetutils up to 2.7 are affected.

This vulnerability affects PLCs, SCADA RTUs, serial-to-IP converters, and building automation controllers that expose telnet management interfaces — which remain common in OT environments because telnet persists for legacy management workflows. No confirmed active exploitation was documented in May, but a 9.8 pre-auth RCE with public disclosure typically moves to active exploitation quickly.

What it means: Conduct a port 23 scan across OT and corporate network environments. For systems running GNU Inetutils, apply patches immediately. For OT equipment where patching requires maintenance windows, implement network-level controls restricting port 23 access to known management addresses. Begin planning telnet-to-SSH migration for OT equipment where the vendor supports it.
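As an added example (not from the original article), the port 23 triage described above carried through in code: it parses a constructed nmap grepable-output scan, lists the hosts with an open telnet service, and drafts an nftables ruleset that limits port 23 on those hosts to an assumed management network. The addresses, the 10.20.100.0/24 management range and the table name are all assumptions.

```python
"""Triage an nmap -oG scan for telnet exposure and draft a port 23 allowlist.

All hosts and addresses below are constructed; nothing here is a real scan."""
import re
from ipaddress import ip_network

# Constructed sample of `nmap -p 23,502 -oG - <range>` output. Fields are
# separated by tabs; each port entry is port/state/protocol/owner/service/rpc/version.
SAMPLE_NMAP_GREPABLE = """\
# Nmap scan initiated (constructed sample)
Host: 10.20.5.11 ()\tStatus: Up
Host: 10.20.5.11 ()\tPorts: 23/open/tcp//telnet///, 502/open/tcp//mbap///
Host: 10.20.5.12 ()\tPorts: 23/closed/tcp//telnet///, 502/open/tcp//mbap///
Host: 10.20.5.40 ()\tPorts: 23/open/tcp//telnet///\tIgnored State: 1 closed
Host: 10.20.9.7 ()\tPorts: 23/filtered/tcp//telnet///
"""

# Assumed management network: the only source allowed to reach telnet on OT gear.
MANAGEMENT_NETS = [ip_network("10.20.100.0/24")]

PORTS_RE = re.compile(r"^Host: (\S+) \(.*?\)\tPorts: (.*)$")


def telnet_exposed_hosts(grepable: str) -> list[str]:
    """Return the hosts whose TCP/23 is reported open in nmap -oG text."""
    exposed = []
    for line in grepable.splitlines():
        m = PORTS_RE.match(line)
        if not m:
            continue  # comment lines and Status-only lines carry no ports
        host, ports = m.group(1), m.group(2).split("\t")[0]
        for entry in ports.split(", "):
            fields = entry.split("/")
            if fields[0] == "23" and fields[1] == "open" and fields[2] == "tcp":
                exposed.append(host)
    return exposed


def nft_rules(hosts: list[str]) -> str:
    """Draft nftables forward-chain rules for an inline firewall in front of
    unpatched OT equipment: accept telnet only from MANAGEMENT_NETS, drop the rest."""
    lines = ["table inet ot_telnet {", "  chain forward {",
             "    type filter hook forward priority 0; policy accept;"]
    for host in hosts:
        for net in MANAGEMENT_NETS:
            lines.append(f"    ip saddr {net} ip daddr {host} tcp dport 23 accept")
        lines.append(f"    ip daddr {host} tcp dport 23 drop")
    lines += ["  }", "}"]
    return "\n".join(lines)


if __name__ == "__main__":
    found = telnet_exposed_hosts(SAMPLE_NMAP_GREPABLE)
    print("telnet exposed:", found)
    print(nft_rules(found))
```

Feed it real `nmap -oG` output from your own OT and corporate ranges, and review the drafted ruleset before loading it with `nft -f`.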


6. CISA ICS Advisories: Five Vendors, Multiple Critical CVEs

CISA’s May advisory cycle covered five vendors with products common in smart offices and industrial environments:

  • Schneider Electric EcoStruxure Foxboro DCS Advisor β€” CVSS 9.8 deserialization vulnerability
  • Advantech WebAccess/SCADA β€” CVSS 8.8, five CVEs including path traversal and dangerous file upload
  • Axis Communications Camera Station Pro β€” CVSS 9.0, authentication bypass and code execution in video management software
  • Rockwell Automation Micro820/850/870 β€” CVSS 7.5, vulnerable third-party component and invalid pointer handling in building automation PLCs
  • Mitsubishi Electric ICONICS Suite β€” CVSS 8.2, OS command injection via HMI keypad function

What it means: Cross-reference current vendor and product inventory against these advisories and apply patches during the next available maintenance windows. The Axis Camera Station Pro advisory warrants particular attention in smart office contexts — video management system compromise creates both physical security exposure and potential pivot points between physical security and IT networks.


7. TrapDoor Supply Chain Attack Targets AI Developer Credentials

The TrapDoor campaign, active as of May 22, uses malicious packages in public repositories to steal cloud credentials, SSH keys, and developer secrets from AI developer communities. Exfiltration uses GitHub API infrastructure, blending malicious traffic with normal developer activity.

AI development teams are specifically targeted because their credentials provide access to cloud GPU infrastructure, model training environments, proprietary datasets, and data pipelines — a higher-value credential profile than general enterprise developer environments.

What it means: AI development teams need supply chain security controls equivalent to those applied to general software development — package source policy, installation-time behavioral monitoring, least-privilege credential scoping, and secrets management. Development environment credentials for cloud AI infrastructure should not have production-level access, and secrets should be managed through dedicated tools rather than stored in environment variables or .env files.


8. CISA and International Partners Issue AI-in-OT Guidance — No LLMs in Safety-Critical Systems

A joint guidance document from CISA, the Australian Signals Directorate’s ACSC, and partner agencies established the most authoritative framework yet for AI integration in operational technology environments.

The guidance makes several positions clear:

  • LLMs are not appropriate for safety-critical decision-making in OT environments due to unpredictability and limited explainability
  • AI deployment should be differentiated by Purdue Model layer: predictive ML for anomaly detection at operational levels, LLMs only at the enterprise level where physical process control is not involved
  • AI vendors supplying OT environments must provide software bills of materials, data usage policies, and transparent AI feature documentation
  • AI governance in OT requires senior leadership accountability and embedded oversight throughout the AI lifecycle

What it means: Organizations evaluating vendor proposals for AI-powered industrial automation, predictive maintenance, or smart building optimization now have an authoritative framework for assessing what is appropriate. The prohibition on LLMs in safety-critical OT decision-making provides specific, defensible grounds for declining vendor proposals that apply generative AI to functions where that architecture is inappropriate.


The Month in Context

May 2026’s events fit within a pattern that has been developing throughout the year: the attack surface for connected office and OT environments continues to expand into device categories that security programs have not historically prioritized, exploitation of management infrastructure (firewalls, routers, video systems) is a primary vector, and new commercial attack capability is lowering the barrier to sophisticated OT attacks.

The government guidance on AI in OT is the most forward-looking development of the month. It establishes guardrails for a technology integration that is happening faster than security assessment frameworks have been able to keep pace with. For organizations managing connected office environments and industrial infrastructure, the month’s events reinforce a consistent theme: the threat environment is evolving faster than most security programs, and the gap between attacker capability and organizational defensive posture remains wide.

The practical response is not to treat each month’s developments as isolated events requiring individual response. It is to build security programs that are structurally capable of absorbing the pace of change — continuous asset discovery, continuous vulnerability monitoring, governance processes that can incorporate new authoritative guidance, and human security operations that can detect and respond to threat actor behavior rather than only signature-matched indicators.

May provided no shortage of signal. The question is whether organizations have the program infrastructure to act on it.