The Arkanix Stealer malware can collect and exfiltrate system information, browser data, VPN information, and arbitrary files ...

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

Process invoices and receipts automatically with n8n plus Unstruct, pulling totals, dates, and names into structured data for reporting.

New flaw in n8n (CVE-2026-25049) allows unauthenticated users to run arbitrary commands on servers Vulnerability risks theft of secrets (API keys, OAuth tokens) and cross-tenant data exposure Patch ...

Researchers at Pillar Security have found two maximum severity vulnerabilities (CVSS score of 10.0) in n8n, a popular open-source workflow automation platform powering hundreds of thousands of ...

The two bugs impacted n8n’s sandbox mechanism and could be exploited via weaknesses in the AST sanitization logic. Two critical- and high-severity vulnerabilities in the n8n AI workflow automation ...

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.

Two serious security flaws affecting the n8n workflow automation platform have exposed weaknesses in the product’s sandboxing mechanisms for JavaScript and Python code. The vulnerabilities, disclosed ...

Nearly 60,000 n8n instances exposed online remain unpatched against a maximum-severity vulnerability dubbed "Ni8mare." n8n is an open-source workflow automation platform that allows users to connect ...

Threat actors were spotted weaponizing the n8n automation ecosystem this week, slipping malicious npm packages into its marketplace of community-maintained nodes. The deceptive packages, disguised as ...

CVE-2025-68668 in n8n’s Python Code Node enables arbitrary system command execution Attackers with workflow permissions can bypass Pyodide sandbox, risking malware, data theft, and system compromise ...

‘A compromised n8n instance doesn’t just mean losing one system — it means handing attackers the keys to everything,’ security researchers wrote of the 10.0 severity vulnerability. Researchers have ...