Threat actors have been observed uploading a set of eight packages on the npm registry that masqueraded as integrations targeting the n8n workflow automation platform to steal developers' OAuth credentials. One such package, named "n8n-nodes-hfgjf-irtuinvcm-lasdqewriit," mimics a Google Ads integration, and prompts users to link their advertising account in a seemingly legitimate form and then
In Cybersecurity & AI Safety, this underscores the growing importance of protecting AI development and deployment pipelines from supply chain attacks, requiring more robust security measures tailored to the unique vulnerabilities of AI/ML workflows.
Businesses using n8n or similar platforms (e.g., those integrating open-source AI tools) need to implement stringent security protocols for evaluating and managing community-contributed nodes, including code reviews, vulnerability scanning, and runtime monitoring to prevent unauthorized access to AI-related data and systems. This includes increased focus on zero-trust principles when integrating externally developed AI/automation components.