CSOonline

Malicious npm packages target the n8n automation platform in a supply chain attack

Threat actors were spotted weaponizing the n8n automation ecosystem this week, slipping malicious npm packages into its marketplace of community-maintained nodes. The deceptive packages, disguised as ...
TechRadar

A critical n8n flaw has been discovered - here's how to stay safe

CVE-2025-68668 in n8n’s Python Code Node enables arbitrary system command execution Attackers with workflow permissions can bypass Pyodide sandbox, risking malware, data theft, and system compromise ...