n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens
Threat actors have been observed uploading a set of eight packages on the npm registry that masqueraded as integrations targeting the n8n workflow automation platform to steal developers' OAuth credentials. One such package, named "n8n-nodes-hfgjf-irtuinvcm-lasdqewriit," mimics a Google Ads integration, and prompts users to link their advertising account in a seemingly legitimate form and then
AI Analysis
Technical Summary
The threat involves a supply chain attack targeting the n8n workflow automation platform, which is used to automate tasks across multiple services by integrating various nodes or packages. Attackers uploaded eight malicious packages to the npm registry, disguised as legitimate n8n community nodes, including one mimicking a Google Ads integration. These malicious nodes prompt users to link their OAuth-based accounts, such as Google Ads, and then store the OAuth tokens encrypted in n8n's credential store. When the workflow executes, the malicious code decrypts these tokens using the n8n master key and exfiltrates them to attacker-controlled servers. Unlike traditional npm malware that targets developer credentials, this campaign exploits workflow automation platforms that centralize sensitive credentials, including OAuth tokens and API keys for services like Google Ads, Stripe, and Salesforce. The malicious nodes operate with the same privileges as the n8n runtime, allowing them to read environment variables, access the file system, and make outbound network requests without sandboxing or isolation. This lack of isolation means a single malicious package can compromise the entire n8n environment. The packages have been removed from npm, but some related packages remain available, and updates suggest the campaign may be ongoing. The attack underscores the risks of integrating untrusted community nodes and the expanded attack surface they create. n8n recommends disabling community nodes on self-hosted instances by setting N8N_COMMUNITY_PACKAGES_ENABLED to false and advises users to audit packages carefully and prefer official integrations. This incident marks the first known supply chain attack explicitly targeting the n8n ecosystem, highlighting a new vector for credential theft and supply chain compromise in workflow automation platforms.
Potential Impact
For European organizations using n8n, particularly those self-hosting the platform, this attack poses significant risks. The theft of OAuth tokens and API keys can lead to unauthorized access to critical cloud services, advertising accounts, payment platforms, and CRM systems, potentially resulting in data breaches, financial fraud, and reputational damage. Since n8n often centralizes credentials for multiple services, a single compromised node can cascade into widespread access across an organization's digital infrastructure. The attack can also facilitate lateral movement within networks and enable attackers to manipulate workflows or exfiltrate sensitive data. Given the increasing adoption of workflow automation in European enterprises, especially in sectors like marketing, finance, and technology, the impact could be substantial. Furthermore, the lack of sandboxing means that malicious nodes can execute arbitrary code on the host system, increasing the risk of system compromise. The ongoing nature of the campaign and presence of related suspicious packages amplify the threat. Organizations relying on community nodes without strict controls are particularly vulnerable. This threat also raises concerns about supply chain security and trust in open-source ecosystems widely used in Europe.
Mitigation Recommendations
European organizations should immediately audit their n8n installations and workflows to identify any use of community nodes, especially those from unverified or suspicious sources. Recommended steps:
- On self-hosted n8n instances, disable community nodes by setting the environment variable N8N_COMMUNITY_PACKAGES_ENABLED to false to prevent installation and execution of untrusted packages.
- Prefer official n8n integrations and avoid installing community nodes unless their source and code have been thoroughly vetted.
- Implement strict code review and static analysis of any third-party nodes before deployment.
- Monitor network traffic for unusual outbound connections from n8n servers that could indicate exfiltration attempts.
- Rotate OAuth tokens and API keys associated with n8n workflows to invalidate potentially compromised credentials.
- Employ runtime monitoring and endpoint detection to identify anomalous behavior on hosts running n8n.
- Educate developers and administrators about the risks of supply chain attacks and the importance of verifying package authenticity.
- Engage with the n8n community and security advisories to stay updated on emerging threats and patches.
- Consider isolating n8n runtime environments using containerization or sandboxing techniques to limit the impact of malicious nodes.
- Finally, maintain a robust incident response plan to quickly address any detected compromise.
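As an added example (not from the article or the n8n project), the following POSIX shell audit covers the first two recommendations: it reports the state of N8N_COMMUNITY_PACKAGES_ENABLED and lists the community nodes an instance has installed, flagging the package name quoted in the report. It assumes n8n records installed community nodes in ${N8N_USER_FOLDER:-$HOME}/.n8n/nodes/package.json, which the page does not state.

```shell
#!/bin/sh
# Added audit helper for a self-hosted n8n instance (constructed example).
# Assumption not stated on the page: n8n installs community nodes under
# ${N8N_USER_FOLDER:-$HOME}/.n8n/nodes and records them in that directory's package.json.

# Package name quoted in the report; append further names as they are published.
KNOWN_BAD_PACKAGES="n8n-nodes-hfgjf-irtuinvcm-lasdqewriit"

# Report the community-packages toggle (an unset variable is treated as enabled).
community_packages_state() {
    case "${N8N_COMMUNITY_PACKAGES_ENABLED:-true}" in
        false|FALSE|0) echo disabled ;;
        *)             echo enabled ;;
    esac
}

# Print every n8n-nodes-* dependency recorded in the given package.json, one per line.
list_community_nodes() {
    pkg_json="$1"
    [ -f "$pkg_json" ] || return 0
    # npm writes one dependency per line as  "name": "version"
    sed -n 's/^[[:space:]]*"\(n8n-nodes-[^"]*\)"[[:space:]]*:.*/\1/p' "$pkg_json"
}

# Print the installed nodes whose name appears in KNOWN_BAD_PACKAGES.
flag_known_bad() {
    list_community_nodes "$1" | while IFS= read -r name; do
        for bad in $KNOWN_BAD_PACKAGES; do
            if [ "$name" = "$bad" ]; then echo "$name"; fi
        done
    done
}

# Full audit; exit status 1 when a known-bad package is installed.
audit_n8n() {
    pkg_json="${1:-${N8N_USER_FOLDER:-$HOME}/.n8n/nodes/package.json}"
    echo "community packages: $(community_packages_state)"
    echo "installed community nodes:"
    list_community_nodes "$pkg_json" | sed 's/^/  /'
    flagged=$(flag_known_bad "$pkg_json")
    if [ -n "$flagged" ]; then
        echo "FLAGGED - rotate the OAuth tokens and API keys used by workflows that call:"
        echo "$flagged" | sed 's/^/  /'
        return 1
    fi
    return 0
}
```

Run `audit_n8n` with no argument to check the default location, or pass the path to a nodes/package.json; a non-zero exit status means a flagged package is present.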
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Italy, Spain, Poland
Technical Details
Article source: https://thehackernews.com/2026/01/n8n-supply-chain-attack-abuses.html (fetched 2026-01-12, 1,149 words)
Threat ID: 69656ba9da2266e8382d8192
Added to database: 1/12/2026, 9:46:18 PM
Last enriched: 1/12/2026, 9:46:42 PM
Last updated: 1/13/2026, 8:50:33 AM