The Hacker News

Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control

A critical CVSS 10.0 vulnerability in n8n allows unauthenticated attackers to read files, bypass authentication, and gain ...

Maximum-severity n8n flaw lets randos run your automation server

A maximum-severity bug in the popular automation platform n8n has left an estimated 100,000 servers wide open to complete ...

Nano Banana Pro 3D Product Image & Video Automations on a Small Budget

Make videos of products in 3D for about $0.30 using Nano Banana Pro and VEO 3.1, saving hours while keeping quality high ...

Blooio Launches API v2 With Group Chats, Reactions and Signed Webhooks | Send iMessages from anywhere with an API

The iMessage API platform introduces group messaging, native reactions, HMAC-SHA256 webhook signing, and a fully ...

Build Reliable n8n Assistants with Clear States, Validation & Escalation Paths

Learn two ways to manage workflow state on n8n, from canvas logic to tables that validate order numbers, for consistent ...
The Hacker News

n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens

Malicious npm packages posing as n8n community nodes were used to steal OAuth tokens by abusing trusted workflow integrations ...

Max severity Ni8mare flaw impacts nearly 60,000 n8n instances

Nearly 60,000 n8n instances exposed online remain unpatched against a maximum-severity vulnerability dubbed "Ni8mare." ...
Know Your Mobile

I Used N8N For Years But Now I’ve Switched To Gumloop

Let’s get one thing straight: n8n is a beast. A powerful, open-source, do-it-all automation platform that devs absolutely love. But here’s the problem: it was never built for people who just want to ...
CSO Online

Malicious npm packages target the n8n automation platform in a supply chain attack

Researchers discovered malicious npm packages posing as n8n integrations, exfiltrating OAuth tokens and API keys from ...