Podcast Detail

SANS Stormcast Tuesday, January 13th, 2026: n8n got npm’ed; Gogs exploit; telegram proxy links

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9764.mp3

n8n got npm’ed; Gogs exploit; telegram proxy links

00:00

Application Security: Securing Web Apps, APIs, and Microservices	Orlando	Mar 29th - Apr 3rd 2026
Network Monitoring and Threat Detection In-Depth	Amsterdam	Apr 20th - Apr 25th 2026

n8n supply chain attack
Malicious npm pagackages were used to attempt to obtain user OAUTH credentials for NPM.
https://www.endorlabs.com/learn/n8mare-on-auth-street-supply-chain-attack-targets-n8n-ecosystem

Gogs 0-Day Exploited in the Wild
An at the time unpachted flaw in Gogs was exploited to compromise git repos.
https://www.wiz.io/blog/wiz-research-gogs-cve-2025-8110-rce-exploit

Telegram Proxy Link Abuse
Telegram proxy links have been abused to deanonymize users
https://x.com/GangExposed_RU/status/2009961417781457129

iTunes

MP3 Download

RSS Feed

Google

Podbean

Amazon Echo

YouTube

Spreaker

Spotify

Application Security: Securing Web Apps, APIs, and Microservices	Orlando	Mar 29th - Apr 3rd 2026
Network Monitoring and Threat Detection In-Depth	Amsterdam	Apr 20th - Apr 25th 2026
Application Security: Securing Web Apps, APIs, and Microservices	San Diego	May 11th - May 16th 2026
Network Monitoring and Threat Detection In-Depth	Online \| Arabian Standard Time	Jun 20th - Jun 25th 2026
Network Monitoring and Threat Detection In-Depth	Riyadh	Jun 20th - Jun 25th 2026
Application Security: Securing Web Apps, APIs, and Microservices	Washington	Jul 13th - Jul 18th 2026
Application Security: Securing Web Apps, APIs, and Microservices	Online \| British Summer Time	Jul 27th - Jul 31st 2026
Application Security: Securing Web Apps, APIs, and Microservices	Las Vegas	Sep 21st - Sep 26th 2026

no transcript found