Hello and welcome to the Tuesday, January 13th,

2006 edition of the Sands and United Storm Centers, Stormcast.

My name is Johannes Ulrich, recording today from Jacksonville, Florida.

And this episode is brought to by the Sands EDU Graduate Certificate Program in Cyber Security Leadership.

Well, and let's start with N8N again.

It's in the news again and not in a good way,

but this time it's not really N8N's fault of what's happening here.

It's a standard NPM supply chain issue. There were a number

of malicious NPM libraries released that in this case actually didn't sort of do the usual

of executing malicious code, the developer system. Instead, they just were into stealing credentials. So the way these particular

packages worked was that they claimed to be like license validators and such for N8N. And so far,

it may be plausible that as you're running the tool created with these packages, it will ask you

to basically add Oath credentials for N8N

for the tool to work,

while these OOF credentials were then exfiltrated and abused by the attacker.

So one of those, I guess,

Oath fishing kind of incidents combined with the NPM supply chain issue.

Again, not really a problem with anything that N8N did.

Nothing really they could fix.

It's just up to NPM to get their act together and kick those packages out.

Luckily, they weren't super popular, in particular, actually I think the wotset were a little bit

better named.

...