Critical vulnerability found in n8n workflow automation platform

The open-source platform is widely used across enterprise environments, leaving thousands of instances at risk.
The Hacker News

n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens

Malicious npm packages posing as n8n community nodes were used to steal OAuth tokens by abusing trusted workflow integrations ...
CSO Online

Malicious npm packages target the n8n automation platform in a supply chain attack

Researchers discovered malicious npm packages posing as n8n integrations, exfiltrating OAuth tokens and API keys from ...

Thousands of n8n instances under threat from top security issue

Shadowserver data claims on January 11 2026, there were exactly 59,559 internet-connected n8n instances vulnerable to Ni8mare ...

Max severity Ni8mare flaw lets hackers hijack n8n servers

A maximum severity vulnerability dubbed "Ni8mare" allows remote, unauthenticated attackers to take control over locally ...
The Hacker News

Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control

A critical CVSS 10.0 vulnerability in n8n allows unauthenticated attackers to read files, bypass authentication, and gain ...
How-To Geek on MSN

I wish I'd never discovered the power of Notion and n8n

I've spent many enjoyable hours creating automations in Home Assistant and have plenty of smart home projects that I want to ...

Google Antigravity : Build Smart Flows Without Code Using Google’s IDE

Build no-code flows in Google's Antigravity with trigger.dev, including queue monitoring. Set schedules, debug in real time, ...