The Hacker News

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Two critical n8n flaws (CVSS 9.4, 9.5) enable RCE via expression sandbox escape and public forms, risking credential exposure.

CISA orders feds to patch n8n RCE flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies on Wednesday to patch their systems against an actively exploited n8n vulnerability.
CSO Online

OAuth vulnerability in n8n automation platform could lead to system compromise

A weakness in the configuration of OAuth credentials opens up a stored XSS vulnerability in the n8n automation platform, ...

5 Step Workflow for Building Hyperspecific AI Apps for Niche Tasks

Hyperspecific AI apps help replace pricey subscriptions by automating niche workflows, using a five-step build-and-host ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
The Hacker News

CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed

CISA adds n8n RCE flaw CVE-2025-68613 to KEV after active exploitation; 24,700 exposed instances raise compromise risk.
MacRumors

Claude Sonnet 4.6 Brings Improved Coding, Computer Use, and Office Tasks

Anthropic today updated its Sonnet model to version 4.6, and the company says it is the most capable Sonnet model to date with upgrades across coding, computer use, long-context reasoning, agent ...
SecurityWeek

In Other News: N8n Flaw Exploited, Slopoly Malware, Interpol Cybercrime Crackdown

Telus Digital data breach, vulnerabilities in Linux AppArmor allow root privileges, US defense contractor behind Coruna exploits.
XDA Developers on MSN

N8n replaced every automation I had duct-taped together, and it wasn't even close

It's a lifesaver.