Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...
The Hacker News

Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

Critical n8n v CVE-2026-25049 allows authenticated workflow abuse to execute system commands and expose server data.
Infosecurity-magazine.com

Critical and High Severity n8n Sandbox Flaws Allow RCE

Two serious security flaws affecting the n8n workflow automation platform have exposed weaknesses in the product’s sandboxing mechanisms for JavaScript and Python code. The vulnerabilities, disclosed ...
Hosted on MSN

Thousands of n8n instances under threat from top security issue

Nearly 60,000 n8n instances remain exposed to Ni8mare CVE-2026-21858 flaw Vulnerability allows unauthenticated remote server takeover; fixed in version 1.121.0 Shadowserver found most cases in US, ...
CSOonline

Malicious npm packages target the n8n automation platform in a supply chain attack

Threat actors were spotted weaponizing the n8n automation ecosystem this week, slipping malicious npm packages into its marketplace of community-maintained nodes. The deceptive packages, disguised as ...
The Hacker News

n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens

Threat actors have been observed uploading a set of eight packages on the npm registry that masqueraded as integrations targeting the n8n workflow automation platform to steal developers' OAuth ...
InfoWorld

Intro to Nest.js: Server-side JavaScript development on Node

Nest’s design is philosophically inspired by Angular. At its heart is a dependency injection (DI) engine that wires together all the components using a common mechanism. If you are familiar with ...
C&EN

How Japan took the lead in the race to discover element 119

At the start of the new year, nuclear chemists Hiromitsu Haba and Kouji Morimoto slide precisely 119 Japanese yen into the collection box at their local shrine. They are seeking good fortune in their ...
SiliconANGLE

Nvidia backs $180M round for workflow automation startup n8n

German automation software provider n8n GmbH today announced that it has closed a $180 million investment at a $2.5 billion valuation. Accel led the C round, which comes six months after the company’s ...
GitHub

Issue with HTTP Request Node in n8n - HTML Response Instead of JSON of API OMIE

I am experiencing an issue with the HTTP Request node in my n8n workflow. The expected behavior is for it to return JSON data from the API endpoint I am using. However, the node is returning HTML ...
GitHub

MCP Server with sub-workflow based tools hangs when tools have Javascript code nodes (but not Python)

I am building a workflow with an MCP server trigger that uses call-n8n-workflow as a tool, which calls a sub-workflow containing a code node. The code node uses JavaScript as its language. When I ...