- What: Researchers discovered a vulnerability in AWS CodeBuild due to timing issues, potentially allowing takeover of AWS packages. Additionally, N8N continues to be targeted by supply chain attacks.
- Why: Successful exploitation of the AWS CodeBuild vulnerability could lead to unauthorized access and control over AWS resources. The N8N supply chain attacks can compromise systems that rely on the platform.
- Impact: AWS users and N8N users are affected.
⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️ @endingwithali → Twitch: https://twitch.tv/endingwithali Twitter: https://twitter.com/endingwithali YouTube: https://youtube.com/@endingwithali Everywhere else: https://links.ali.dev Want to work with Ali? endingwithalicollabs@gmail.com [❗] Join the Patreon→ https://patreon.com/threatwire 00:00 0 - Intro 00:16 1 - Insane Timing Made AWS Vulnerable 03:50 2 - N8N continues to get rocked 05:11 3 - Mandiant’s new Rainbow Table 06:44 4 - Node’s DOS Security Statement 08:41 5 - Other Stories You Should Know 09:03 6 - Outro LINKS 🔗 Story 1: Insane Timing Made AWS Vulnerable https://docs.aws.amazon.com/whitepapers/latest/introduction-devops-aws/aws-codebuild.html https://www.wiz.io/blog/wiz-research-codebreach-vulnerability-aws-codebuild 🔗 Story 2: N8N continues to get rocked https://thehackernews.com/2026/01/n8n-supply-chain-attack-abuses.html https://www.endorlabs.com/learn/n8mare-on-auth-street-supply-chain-attack-targets-n8n-ecosystem 🔗 Story 3: Mandiant’s new Rainbow Table https://cloud.google.com/blog/topics/threat-intelligence/net-ntlmv1-deprecation-rainbow-tables/ https://arstechnica.com/security/2026/01/mandiant-releases-rainbow-table-that-cracks-weak-admin-password-in-12-hours/ https://calcomsoftware.com/ntlm-v1-and-v2-vs-kerberos/ 🔗 Story 4: Node’s DOS Security Statement https://thehackernews.com/2026/01/critical-nodejs-vulnerability-can-cause.html https://nodejs.org/en/blog/vulnerability/january-2026-dos-mitigation-async-hooks 🔗 Story 5: Other Stories You Should Know https://botcrawl.com/microsoft-confirms-windows-11-shutdown-bug-after-january-update/ https://arstechnica.com/security/2026/01/never-before-seen-linux-malware-is-far-more-advanced-than-typical/ -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ Our Site → https://www.hak5.org Shop → http://hakshop.myshopify.com/ Community → https://www.hak5.org/community Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1 Support → https://www.patreon.com/threatwire Contact Us → http://www.twitter.com/hak5 ____________________________________________ Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.