{ads}

n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens

Written By Monday, 12 January 2026 Add Comment



January 12, 2026 at 10:09PM

Threat actors have been observed uploading a set of eight packages on the npm registry that masqueraded as integrations targeting the n8n workflow automation platform to steal developers' OAuth credentials. One such package, named "n8n-nodes-hfgjf-irtuinvcm-lasdqewriit," mimics a Google Ads integration, and prompts users to link their advertising account in a seemingly legitimate form and then

from The Hacker News https://ift.tt/FkSTO75

0 Response to "n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens"

Post a Comment

Subscribe to: Post Comments (Atom)

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads