Integration Hub Compromise & Lateral Movement
Exploitation of centralized automation platforms to extract credentials from workflow variable vaults and achieve unauthorized access to integrated systems including databases, APIs, cloud services, and identity providers.
-
n8n CVE-2025-68613: Expression Injection Enables Arbitrary Code Execution on 103,476 Workflow Automation Instances
A critical expression injection vulnerability in n8n workflow automation platform (CVSS 9.9) allows authenticated attackers to execute arbitrary code with process privileges. 103,476 exposed instances identified globally, with rapid patching…
·
·
11–16 minutes
