Workflow Warning: The n8n CVSS 10.0 Prototype Pollution Crisis
The post Workflow Warning: The n8n CVSS 10.0 Prototype Pollution Crisis appeared first on Daily CyberSecurity.
Hackers are abusing n8n workflows to deliver malware and evade detection, according to Cisco Talos, using trusted automation to bypass security defenses.
The post New Phishing Attack Turns n8n Into On-Demand Malware Machine appeared first on TechRepublic.

Threat actors are exploiting the popular AI workflow automation platform n8n to launch advanced phishing campaigns, deliver malware, and collect device data through automated emails. By using trusted infrastructure, they can bypass traditional security controls and maintain persistent access. The abuse of legitimate tools like n8n highlights how attackers are turning productivity platforms into powerful cyberattack enablers.
Cisco Talos found that attackers are abusing n8n webhooks, URLs that trigger automated workflows, to run phishing campaigns and deliver malware.

When a user clicks one of these links, the browser renders the attacker's HTML from the n8n domain, so the content inherits the reputation of a legitimate automation service and the host that actually serves the payload is never the visible origin. Talos reports that abuse of n8n webhooks has surged sharply, driven by their ability to mask the true origin of a lure and to tailor the response to each victim. In the observed campaigns, victims received emails mimicking shared OneDrive links that led to CAPTCHA-gated pages; the malicious file was downloaded only after the challenge was solved, a gate that also keeps automated URL scanners away from the payload.

“Talos observed a phishing campaign (shown in Figure 3) that used an n8n-hosted webhook link in emails that purported to be a shared Microsoft OneDrive folder. When clicked, the link opened a webpage in the targeted user’s browser containing a CAPTCHA.” reads the report published by Talos. “Once the CAPTCHA is completed, a download button appears, triggering a progress bar as the payload is downloaded from an external host. Because the entire process is encapsulated within the JavaScript of the HTML document, the download appears to the browser to have come from the n8n domain.”


The malicious executable used in this campaign runs PowerShell commands that deploy the Datto RMM tool, register it as a scheduled task, connect it to a remote relay so the attacker keeps access, and then delete traces of the payload. Talos also observed a similar attack in which an n8n webhook served a CAPTCHA-protected phishing page that, once solved, delivered a malicious MSI installer disguised as a OneDrive document; the installer deploys a modified ITarian RMM tool that acts as a backdoor and enables data exfiltration, while a fake installer interface hides the activity. Legitimate RMM agents are signed and often allowlisted, which is what makes them attractive as backdoors; unexpected RMM installations and new scheduled tasks created from PowerShell are the detection points to watch.
Attackers also abuse n8n for device fingerprinting by embedding invisible tracking images in emails. When the message is opened, the image loads from a webhook URL that carries a unique identifier, which confirms that the address is live and the mail was read, and hands the workflow whatever the request exposes about the victim's client, at minimum its source IP and User-Agent string.
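Both webhook abuses described above, lure links that open n8n-hosted pages and invisible images that beacon to a webhook, can be surfaced at the mail gateway by inspecting the URLs an HTML body carries. The following Python triage helper is an added example and is not Talos's or n8n's code. It assumes n8n's default webhook path prefixes (/webhook/ and /webhook-test/) and the n8n Cloud hostname suffix n8n.cloud, uses an assumed allowlist of Microsoft hosts for genuine OneDrive links, and runs over a constructed sample email.

```python
import re
from html.parser import HTMLParser
from typing import Dict, List, Optional
from urllib.parse import urlparse

# Assumptions of this example (not taken from the Talos report): n8n serves
# production webhooks under /webhook/<path> and test webhooks under
# /webhook-test/<path>, and n8n Cloud instances are hosted under *.n8n.cloud.
# Self-hosted instances use arbitrary hostnames, so for those only the path is
# matched and the finding is reported with medium rather than high confidence.
N8N_WEBHOOK_PATH = re.compile(r"^/webhook(?:-test)?/.+", re.I)
N8N_CLOUD_HOST = re.compile(r"(?:^|\.)n8n\.cloud$", re.I)

# Assumed allowlist of hosts a genuine OneDrive/SharePoint link points at.
ONEDRIVE_HOSTS = ("onedrive.live.com", "1drv.ms", "sharepoint.com")
BRAND_WORDS = re.compile(r"onedrive|sharepoint", re.I)


def classify_webhook(url: str) -> Optional[str]:
    """'high' for an n8n Cloud host with a webhook path, 'medium' for a webhook
    path on any other host, None if the URL does not look like an n8n webhook."""
    p = urlparse(url)
    if p.scheme not in ("http", "https") or not p.hostname:
        return None
    if not N8N_WEBHOOK_PATH.match(p.path):
        return None
    return "high" if N8N_CLOUD_HOST.search(p.hostname) else "medium"


def _host_allowed(hostname: str, allowed) -> bool:
    h = hostname.lower()
    return any(h == a or h.endswith("." + a) for a in allowed)


def _looks_hidden(attrs: Dict[str, str]) -> bool:
    """A tracking pixel is 1x1 (or 0x0) or styled invisible."""
    style = attrs.get("style", "").replace(" ", "").lower()
    dims = [attrs.get("width"), attrs.get("height")]
    tiny = all(d is not None and d.strip().lower().rstrip("px") in ("0", "1") for d in dims)
    return tiny or "display:none" in style or "visibility:hidden" in style


class _MailParser(HTMLParser):
    """Collect (href, visible text) for anchors and attribute dicts for images."""

    def __init__(self) -> None:
        super().__init__()
        self.links: List[tuple] = []
        self.images: List[Dict[str, str]] = []
        self._open_href: Optional[str] = None
        self._text: List[str] = []

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "a" and a.get("href"):
            self._open_href = a["href"]
            self._text = []
        elif tag == "img" and a.get("src"):
            self.images.append(a)

    def handle_data(self, data):
        if self._open_href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._open_href is not None:
            self.links.append((self._open_href, " ".join(self._text).strip()))
            self._open_href = None


def triage_email(html: str) -> List[dict]:
    """Return findings for webhook lure links, brand/host mismatches and pixels."""
    parser = _MailParser()
    parser.feed(html)
    findings: List[dict] = []
    for href, text in parser.links:
        conf = classify_webhook(href)
        if conf:
            findings.append({"kind": "webhook_link", "url": href, "confidence": conf})
        host = urlparse(href).hostname or ""
        # Link text sells OneDrive/SharePoint but the target is not a Microsoft host.
        if BRAND_WORDS.search(text) and not _host_allowed(host, ONEDRIVE_HOSTS):
            findings.append({"kind": "brand_mismatch", "url": href, "text": text, "confidence": "medium"})
    for img in parser.images:
        conf = classify_webhook(img["src"])
        if conf and _looks_hidden(img):
            findings.append({"kind": "tracking_pixel", "url": img["src"], "confidence": conf})
    return findings


# Constructed sample email; hostnames, paths and identifiers are made up.
SAMPLE_EMAIL = """
<p>A document was shared with you.</p>
<a href="https://acme-ops.app.n8n.cloud/webhook/3f2c7b8e-4d1a-4c9a-9c1e-2a7b1d0e5f44">Open in OneDrive</a>
<a href="https://automation.example.net/webhook-test/invoice">View invoice</a>
<a href="https://1drv.ms/f/s!AbCdEf">OneDrive folder (genuine)</a>
<img src="https://acme-ops.app.n8n.cloud/webhook/9a0b1c2d-3e4f-4a5b-8c6d-7e8f9a0b1c2d?r=u-10293" width="1" height="1" style="display:none">
<img src="https://cdn.example.com/logo.png" width="120" height="40">
"""

if __name__ == "__main__":
    for finding in triage_email(SAMPLE_EMAIL):
        print(finding)
```

The genuine 1drv.ms link is left alone even though its text says "OneDrive", and the self-hosted /webhook-test/ link is reported at medium confidence only, because the path is the only signal; feed your own n8n hostnames into the host check to raise or lower that as appropriate for your environment.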
“The same workflows designed to save developers hours of manual labor are now being repurposed to automate the delivery of malware and fingerprinting devices due to their flexibility, ease of integration, and seamless automation.” concludes the report. “As we continue to leverage the power of low-code automation, it’s the responsibility of security teams to ensure these platforms and tools remain assets rather than liabilities.”
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, malware)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an n8n flaw, tracked as CVE-2025-68613 (CVSS score of 10.0), to its Known Exploited Vulnerabilities (KEV) catalog.
n8n is a workflow automation platform designed for technical teams that combines the flexibility of custom code with the speed and simplicity of no-code tools. It supports more than 400 integrations, includes native AI features, and uses a fair-code license, allowing organizations to build powerful automations while retaining full control over their data and deployment environments.
In December 2025, researchers warned that a critical vulnerability, tracked as CVE-2025-68613, in the n8n workflow automation platform could allow attackers to achieve arbitrary code execution under certain circumstances. The package gets about 57,000 downloads per week, according to npm statistics.
“n8n contains a critical Remote Code Execution (RCE) vulnerability in its workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime.” reads the advisory. “An authenticated attacker could abuse this behavior to execute arbitrary code with the privileges of the n8n process. Successful exploitation may lead to full compromise of the affected instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations.”
During workflow configuration, an authenticated attacker can supply an expression that is evaluated outside the intended isolation and thereby run arbitrary code with the privileges of the n8n process, potentially leading to full compromise of the instance, data exposure, workflow tampering, and execution of system-level commands. The vulnerability is fixed in versions 1.120.4, 1.121.1, and 1.122.0, a fix release on each of three release lines, and users are strongly urged to upgrade. If upgrading is not immediately possible, administrators should restrict workflow creation and editing to fully trusted users and run n8n in a hardened environment, keeping in mind that these measures only reduce risk temporarily and do not resolve the issue.
Cybersecurity firm Censys observed 103,476 potentially vulnerable instances as of December 22, 2025, tracked with search queries the firm published; most are located in the U.S., Germany, and France. These are exposure counts rather than confirmed exploitable hosts: the flaw requires an authenticated user, so an exposed instance with tight account control is at lower immediate risk than the raw number suggests.
Users should install the updates immediately and, if patching isn't possible, restrict workflow editing to trusted users and run n8n in a hardened environment with restricted operating-system privileges and network access. Code running with the n8n process's privileges can read everything the process can, including the integration credentials the instance stores for the services its workflows connect to, so a suspected compromise should also trigger rotation of those credentials.
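Because the fix shipped as three releases on different minor lines, a naive "is the version at least 1.122.0" check misclassifies patched 1.120.4 and 1.121.1 installs as vulnerable, while a plain "at least 1.120.4" check passes the unpatched 1.121.0. The following Python helper is an added example, not n8n's or the advisory's code; it encodes the three fix releases named above and assumes that every release below 1.120.4, every 1.121.x release below 1.121.1, and pre-release builds below a fix are unpatched, while everything from 1.122.0 upward carries the fix. The host inventory is constructed sample data.

```python
import re
from typing import Dict, List, Tuple

# Fix releases named in the advisory for CVE-2025-68613.  The trailing 1 marks
# a final release; pre-release builds (e.g. 1.122.0-rc.1) get 0 so that they
# sort below the release that actually carries the fix.
FIXED_VERSIONS = [(1, 120, 4, 1), (1, 121, 1, 1), (1, 122, 0, 1)]

_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$")


def parse_version(text: str) -> Tuple[int, int, int, int]:
    """Parse a semver string into a comparable tuple; build metadata is ignored."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch, prerelease, _build = m.groups()
    return (int(major), int(minor), int(patch), 0 if prerelease else 1)


def is_patched(version: str) -> bool:
    """True if this version carries the CVE-2025-68613 fix.

    Assumption of this example: releases at or above the newest fix (1.122.0)
    carry it, and on the two backported lines (1.120.x, 1.121.x) only releases
    at or above that line's fix do.  Every other release is treated as unpatched.
    """
    v = parse_version(version)
    if v >= FIXED_VERSIONS[-1]:
        return True
    for fix in FIXED_VERSIONS[:-1]:
        if v[:2] == fix[:2]:  # same major.minor line as a backported fix
            return v >= fix
    return False


def triage(inventory: Dict[str, str]) -> Dict[str, List[str]]:
    """Group hosts by patch state; unparseable versions land in 'unknown'."""
    groups: Dict[str, List[str]] = {"patched": [], "unpatched": [], "unknown": []}
    for host, version in sorted(inventory.items()):
        try:
            groups["patched" if is_patched(version) else "unpatched"].append(host)
        except ValueError:
            groups["unknown"].append(host)
    return groups


# Constructed sample inventory: hostnames and versions are made up.
SAMPLE_INVENTORY = {
    "n8n-prod.example.com": "1.122.3",
    "n8n-legacy.example.com": "1.120.4",
    "n8n-staging.example.com": "1.121.0",
    "n8n-dev.example.com": "1.122.0-rc.1",
    "n8n-old.example.com": "1.118.2",
    "n8n-odd.example.com": "latest",
}

if __name__ == "__main__":
    for state, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{state}: {', '.join(hosts) or '-'}")
```

The "unknown" bucket matters in practice: an instance that reports a tag like "latest" instead of a number has to be checked by hand rather than silently counted as safe.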
According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.
Experts also recommend that private organizations review the Catalog and address the vulnerabilities in their infrastructure.
CISA orders federal agencies to fix the vulnerability by March 25, 2026.