Dossier
n8n
Coverage of n8n in the Nexus archive.
- Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code. A critical flaw impacting Ivanti Xtraction could be exploited to achieve information disclosure or client-side attacks. The vulnerabilities affect multiple products from these companies.
- n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails
Threat actors have been exploiting n8n, an AI workflow automation platform, since October 2025 to bypass security filters and deliver malware via phishing emails. These campaigns automate malicious email distribution, enabling device fingerprinting and payload delivery through trusted infrastructure.