The Silicon Review

n8n Supply Chain Attack Steals OAuth Tokens Via Nodes

A supply chain attack on n8n injected malicious community nodes to steal user OAuth tokens, highlighting critical risks in ...

Thousands of n8n instances under threat from top security issue

Shadowserver data claims on January 11 2026, there were exactly 59,559 internet-connected n8n instances vulnerable to Ni8mare ...

Max severity Ni8mare flaw impacts nearly 60,000 n8n instances

Nearly 60,000 n8n instances exposed online remain unpatched against a maximum-severity vulnerability dubbed "Ni8mare." ...
The Hacker News

n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens

Malicious npm packages posing as n8n community nodes were used to steal OAuth tokens by abusing trusted workflow integrations ...
CSO Online

Malicious npm packages target the n8n automation platform in a supply chain attack

Researchers discovered malicious npm packages posing as n8n integrations, exfiltrating OAuth tokens and API keys from ...
SecurityWeek

Critical Vulnerability Exposes n8n Instances to Takeover Attacks

CVE-2026-21858, a critical n8n vulnerability, can be exploited for unauthenticated remote code execution, leading to instance ...

Max severity Ni8mare flaw lets hackers hijack n8n servers

A maximum severity vulnerability dubbed "Ni8mare" allows remote, unauthenticated attackers to take control over locally ...

Cyera researchers detail critical ‘Ni8mare’ vulnerability allowing full takeover of n8n instances

Cyera researchers detail critical 'Ni8mare' vulnerability allowing full takeover of n8n instances - SiliconANGLE ...