All articles tagged with #n8n
Threat actors are abusing exposed n8n webhooks to run phishing campaigns, delivering malware via CAPTCHA-triggered downloads and fingerprinting victims, enabling persistence through modified RMM tools and C2 communication.
A critical security flaw in the n8n workflow automation platform (CVE-2025-68613) allows authenticated attackers to execute arbitrary code, affecting over 100,000 instances worldwide. The vulnerability has been patched in recent versions, and users are urged to update immediately or implement strict access controls to mitigate risks.