SANS Stormcast Tuesday, January 13th, 2026: n8n got npm'ed; Gogs exploit; telegram proxy links (#)
SANS Internet Storm Center's Daily Network Security News Podcast · Johannes B. Ullrich
January 13, 20265m 46s
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
SANS Stormcast Tuesday, January 13th, 2026: n8n got npm'ed; Gogs exploit; telegram proxy links n8n supply chain attack Malicious npm pagackages were used to attempt to obtain user OAUTH credentials for NPM. https://www.endorlabs.com/learn/n8mare-on-auth-street-supply-chain-attack-targets-n8n-ecosystem Gogs 0-Day Exploited in the Wild An at the time unpachted flaw in Gogs was exploited to compromise git repos. https://www.wiz.io/blog/wiz-research-gogs-cve-2025-8110-rce-exploit Telegram Proxy Link Abuse Telegram proxy links have been abused to deanonymize users https://x.com/GangExposed_RU/status/2009961417781457129 keywords: telegram; gogs; npm; n8n;