n8n Supply Chain Attack Steals OAuth Tokens via Compromised Community Nodes
- Jan 12
Key Findings
- Threat actors uploaded 8 malicious packages to the npm registry masquerading as n8n workflow automation integrations in order to steal OAuth credentials
- One such package, "n8n-nodes-hfgjf-irtuinvcm-lasdqewriit", mimicked a Google Ads integration and prompted users to link their advertising account so the credentials could be siphoned
- This attack represents a new escalation in supply chain threats, targeting workflow automation platforms that act as centralized credential vaults
Background
n8n is built on Node.js and heavily dependent on the npm ecosystem for extending functionality through community-maintained nodes. These nodes are published as npm packages and executed directly within the n8n environment, effectively granting them the same level of access as n8n itself. This makes n8n an attractive target for supply chain attacks, as a single malicious npm package can gain access to sensitive credentials stored within n8n's credential vault.
Malicious Packages
The complete list of identified malicious packages, which have since been removed, is as follows:
- n8n-nodes-hfgjf-irtuinvcm-lasdqewriit (4,241 downloads, author: kakashi-hatake)
- n8n-nodes-ggdv-hdfvcnnje-uyrokvbkl (1,657 downloads, author: kakashi-hatake)
- n8n-nodes-vbmkajdsa-uehfitvv-ueqjhhhksdlkkmz (1,493 downloads, author: kakashi-hatake)
- n8n-nodes-performance-metrics (752 downloads, author: hezi109)
- n8n-nodes-gasdhgfuy-rejerw-ytjsadx (8,385 downloads, author: zabuza-momochi)
- n8n-nodes-danev (5,525 downloads, author: dan_even_segler)
- n8n-nodes-rooyai-model (1,731 downloads, author: haggags)
- n8n-nodes-zalo-vietts (4,241 downloads, authors: vietts_code and diendh)
Ongoing Campaign
The users "zabuza-momochi," "dan_even_segler," and "diendh" have also been linked to other libraries that are still available for download, suggesting the campaign may be ongoing. An analysis of the first three of those packages on ReversingLabs Spectra Assure uncovered no security issues, but the "n8n-nodes-zalo-vietts" package was flagged as containing a component with malware history.
Attack Methodology
The malicious package, once installed as a community node, behaves like any other n8n integration, displaying configuration screens and saving the Google Ads account OAuth tokens in encrypted format to the n8n credential store. When the workflow is executed, it runs code to decrypt the stored tokens using n8n's master key and exfiltrates them to a remote server.
Impact and Recommendations
This attack marks the first time a supply chain threat has explicitly targeted the n8n ecosystem, with bad actors weaponizing the trust placed in community integrations to achieve their goals. Developers are advised to audit packages before installing them, scrutinize package metadata for any anomalies, and prefer official n8n integrations. On self-hosted n8n instances, it is advised to disable community nodes by setting N8N_COMMUNITY_PACKAGES_ENABLED to false.
Sources
https://thehackernews.com/2026/01/n8n-supply-chain-attack-abuses.html
https://www.endorlabs.com/learn/n8mare-on-auth-street-supply-chain-attack-targets-n8n-ecosystem