CSO Online

Malicious npm packages target the n8n automation platform in a supply chain attack

Researchers discovered malicious npm packages posing as n8n integrations, exfiltrating OAuth tokens and API keys from ...
The Hacker News

n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens

Malicious npm packages posing as n8n community nodes were used to steal OAuth tokens by abusing trusted workflow integrations ...
SecurityWeek

Critical Vulnerability Exposes n8n Instances to Takeover Attacks

CVE-2026-21858, a critical n8n vulnerability, can be exploited for unauthenticated remote code execution, leading to instance ...
TechJuice

Critical n8n Vulnerability Puts Organizations at Immediate Risk, Warns Pakistan’s National CERT

Pakistan’s National CERT warns of a critical n8n flaw CVE-2026-21858, allowing remote code execution and full system ...

Govt Warns Against This Security Bug Hackers Use to Access Company Data

The National Computer Emergency Response Team (National CERT) has issued a critical advisory warning organizations about a ...
Techzine Europe

‘Ni8mare’ vulnerability affects n8n platform with a score of 10.0

Security researchers at Cyera have discovered a critical vulnerability in n8n, the popular workflow automation platform. The ...
The Hacker News

Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control

A critical CVSS 10.0 vulnerability in n8n allows unauthenticated attackers to read files, bypass authentication, and gain ...

Max severity Ni8mare flaw impacts nearly 60,000 n8n instances

Nearly 60,000 n8n instances exposed online remain unpatched against a maximum-severity vulnerability dubbed "Ni8mare." ...
CSO Online

Critical RCE flaw allows full takeover of n8n AI workflow platform

A compromised n8n instance doesn’t just mean losing one system — it means handing attackers the keys to everything,’ security ...