ALL POSTS

Key Findings * Critical remote code execution vulnerability in n8n workflow platform * CVE-2025-68613 added to CISA's Known Exploited Vulnerabilities (KEV) catalog * 24,700 unpatched instances exposed online * Vulnerability allows authenticated attackers to execute arbitrary code * FCEB agencies ordered to patch by March 25, 2026 Background n8n is an open-source workflow automation platform that allows users to connect different applications and services. The vulnerability ex

Here is the article with the key findings in bullet point format, the background as the first major point, and the headers formatted with ##: Key Findings Threat actors uploaded 8 malicious packages on the npm registry masquerading as n8n workflow automation integrations to steal OAuth credentials One such package, "n8n-nodes-hfgjf-irtuinvcm-lasdqewriit", mimicked a Google Ads integration and prompted users to link their advertising account to siphon the credentials This atta