n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens
- Posted on January 12, 2026
- By The Hacker News
- 7 Views
n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens
Malicious npm packages posing as n8n community nodes were used to steal OAuth tokens by abusing trusted workflow integrations and credential storage.
