A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
SANS Stormcast Tuesday, January 13th, 2026: n8n got npm’ed; Gogs exploit; telegram proxy links
January 12, 2026
5:45
0.95 MB ( 3.88 MB less)
Downloads: 0
n8n supply chain attack
Malicious npm pagackages were used to attempt to obtain user OAUTH credentials for NPM.
https://www.endorlabs.com/learn/n8mare-on-auth-street-supply-chain-attack-targets-n8n-ecosystem
Gogs 0-Day Exploited in the Wild
An at the time unpachted flaw in Gogs was exploited to compromise git repos.
https://www.wiz.io/blog/wiz-research-gogs-cve-2025-8110-rce-exploit
Telegram Proxy Link Abuse
Telegram proxy links have been abused to deanonymize users
https://x.com/GangExposed_RU/status/2009961417781457129