The Hacker News

n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails

According to Cisco Talos, it's these URL-exposed webhooks – which make use of the same *.app.n8n [.]cloud subdomain – that ...

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Hackers are abusing n8n workflows to deliver malware and evade detection, according to Cisco Talos, using trusted automation ...