InfoQ

Microsoft Agent Framework RC Simplifies Agentic Development in .NET and Python

Microsoft has announced that the Microsoft Agent Framework has reached Release Candidate status for both .NET and Python. This milestone indicates that the API surface is stable and feature-complete ...
Morningstar

Pillar Security Discovered Critical Flaw in n8n Exposing Hundreds of Thousands of Enterprise AI Systems to Complete Takeover

Pillar Security discovers two critical vulnerabilities (CVSS 10.0) in popular workflow automation platform affecting hundreds of thousands of deployments – enabling attackers to decrypt stored ...
Infosecurity-magazine.com

Two Critical Flaws in n8n AI Workflow Automation Platform Allow Complete Takeover

Researchers at Pillar Security have found two maximum severity vulnerabilities (CVSS score of 10.0) in n8n, a popular open-source workflow automation platform powering hundreds of thousands of ...
CSOonline

Critical RCE bugs expose the n8n automation platform to host‑level compromise

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass affects internal‑mode deployments common in enterprise setups. Two critical ...
Bleeping Computer

New sandbox escape flaw exposes n8n instances to RCE attacks

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.
Infosecurity-magazine.com

Critical and High Severity n8n Sandbox Flaws Allow RCE

Two serious security flaws affecting the n8n workflow automation platform have exposed weaknesses in the product’s sandboxing mechanisms for JavaScript and Python code. The vulnerabilities, disclosed ...
The Hacker News

Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution

Cybersecurity researchers have disclosed two new security flaws in the n8n workflow automation platform, including a crucial vulnerability that could result in remote code execution. Shachar Menashe, ...
Hosted on MSN

Thousands of n8n instances under threat from top security issue

Nearly 60,000 n8n instances remain exposed to Ni8mare CVE-2026-21858 flaw Vulnerability allows unauthenticated remote server takeover; fixed in version 1.121.0 Shadowserver found most cases in US, ...
Bleeping Computer

Max severity Ni8mare flaw impacts nearly 60,000 n8n instances

Nearly 60,000 n8n instances exposed online remain unpatched against a maximum-severity vulnerability dubbed "Ni8mare." n8n is an open-source workflow automation platform that allows users to connect ...
CSOonline

Malicious npm packages target the n8n automation platform in a supply chain attack

Threat actors were spotted weaponizing the n8n automation ecosystem this week, slipping malicious npm packages into its marketplace of community-maintained nodes. The deceptive packages, disguised as ...
SecurityWeek

Critical Vulnerability Exposes N8n Instances to Takeover Attacks

A critical-severity vulnerability in the n8n workflow automation platform allows attackers to take over vulnerable instances, data security firm Cyera warns. N8n has over 100 million Docker pulls, ...
The Hacker News

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

A new critical security vulnerability has been disclosed in n8n, an open-source workflow automation platform, that could enable an authenticated attacker to execute arbitrary system commands on the ...