n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens

n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens

/in

Threat actors have been observed uploading a set of eight packages on the npm registry that masqueraded as integrations targeting the n8n workflow automation platform to steal developers’ OAuth credentials.
One such package, named “n8n-nodes-hfgjf-irtuinvcm-lasdqewriit,” mimics a Google Ads integration, and prompts users to link their advertising account in a seemingly legitimate form and then

The Hacker News – ​Read More

Fake Employee Reports Spread Guloader and Remcos RAT MalwareMy favorite color e-reader is on sale, just in time for my 2026 reading goa...