Multiple critical vulnerabilities in the popular n8n open-source workflow automation platform allow an attacker to escape the expression sandbox and take complete control of the host server.
Tracked collectively as CVE-2026-25049, the issues can be exploited by any authenticated user who can create or edit workflows on the platform to achieve unrestricted remote code execution on the n8n server.
Researchers at several cybersecurity companies reported the problems, which stem from weaknesses in n8n’s expression sanitization mechanism and bypass the patch for CVE-2025-68613, another critical flaw addressed on December 20.
According to Pillar Security, exploiting CVE-2026-25049 enables complete compromise of the n8n instance: running arbitrary system commands on the server and stealing all stored credentials, secrets (API keys, OAuth tokens), and sensitive configuration files.
By exploiting the vulnerability, the researchers were also able to access the filesystem and internal systems, pivot to connected cloud accounts, and hijack AI workflows (intercept prompts, modify responses, redirect traffic).
Where n8n is run as a multi-tenant service, access to internal cluster services can potentially allow pivoting to other tenants’ data.
“The attack requires nothing special. If you can create a workflow, you can own the server,” Pillar Security says in a report today.
[Figure: Full attack chain. Source: Pillar Security]
Pillar’s report describes the root cause as incomplete AST-based sandboxing: n8n only weakly sandboxes the user-written, server-side JavaScript expressions embedded in workflows.
On December 21, 2025, Pillar demonstrated a chained bypass to the n8n team that escaped the sandbox and reached the Node.js global object, leading to RCE.
A fix was implemented two days later, but on further analysis Pillar found it incomplete: a second escape, using equivalent operations through a different mechanism, remained possible.
n8n developers confirmed the bypass on December 30, and n8n eventually released version 2.4.0 on January 12, 2026, addressing the issue.
Researchers at Endor Labs also discovered sanitization bypasses and demonstrated CVE-2026-25049 with a simple proof-of-concept (PoC) exploit that achieves remote code execution.
“In all versions prior to 2.5.2 and 1.123.17, the sanitization function assumes keys in property accesses are strings in attacker-controlled code,” says Cristian Staicu of Endor Labs.
That assumption is reflected in the TypeScript typings but is not enforced at runtime, which introduces a type-confusion weakness: an expression can supply a property key that is not a string, so the checks never see the key the engine actually uses. According to Staicu, this bypasses the “sanitization controls entirely, enabling arbitrary code execution attacks.”
In a report today, researchers at SecureLayer7 provide the technical details that enabled them to achieve “server side JavaScript execution using the Function constructor.”
They discovered CVE-2026-25049 while analyzing CVE-2025-68613 and n8n’s fix for it, and it took more than 150 failed attempts before they refined a working bypass.
SecureLayer7’s report also includes a PoC exploit and detailed steps for the initial setup and for creating a malicious workflow that leads to full server control.
Recommended steps
n8n users should update the platform to the most recent version (currently 1.123.17 and 2.5.2). Pillar Security also recommends rotating the ‘N8N_ENCRYPTION_KEY’, which protects the credentials stored by the instance, together with all of those stored credentials, and reviewing existing workflows for suspicious expressions.
If updating is not possible at the moment, the n8n team provides administrators with a workaround that acts as a temporary mitigation and does not completely address the risk:
Limit workflow creation and editing permissions to fully trusted users only
Deploy n8n in a hardened environment with restricted operating system privileges and network access to reduce the impact of potential exploitation
Currently, there have been no public reports of CVE-2026-25049 being exploited in the wild. However, n8n’s growing popularity appears to have caught the attention of cybercriminals in the context of the Ni8mare flaw (CVE-2026-21858).
GreyNoise this week reported seeing potentially malicious activity targeting exposed n8n endpoints vulnerable to Ni8mare, logging at least 33,000 requests between January 27 and February 3.
Although this probing could be research activity, the scanning for the /proc filesystem indicates interest in post-exploitation potential.
A company spokesperson told The Drive that BMW “remains fully committed” to ConnectedDrive as part of its global aftersales strategy. Features requiring data connectivity will likely carry recurring fees.
Apple will be using Google technologies to level up Apple Foundation Models, but the details of exactly how are still vague. While speculation is still wild, a true answer is emerging from the noise.
Apple Intelligence will get a boost after training with Google Gemini
There is one concrete fact that we have about the Apple and Google partnership on artificial intelligence development, and it is that we’re not going to be told more publicly. Apple CEO Tim Cook did say that Apple won’t change its privacy stance while working with Google and indicated that Apple Intelligence and Siri will work on-device and via Private Cloud Compute (PCC). That statement seems cut and dried on its own, but Google CEO Sundar Pichai and CBO Philipp Schindler shared seemingly contradictory statements during the Google earnings call. They both used the phrase “preferred cloud provider” when discussing Google’s relationship with Apple.
Anthropic’s new plug-ins for Cowork announced on Friday are sparking jitters in the markets with software, professional services and analytics companies seeing the largest sell-offs.
Last month, Anthropic launched its Cowork model, a “simpler version of Claude Code” prompting concerns among those heavily invested in software companies. Friday’s (30 January) launch of new plug-ins seems to have accelerated the concerns.
This week has seen a strong sell-off in US and European software, professional services and data analytics companies, with the trend continuing yesterday (3 February) and contagion in Asian markets. Commentators are blaming the release of Anthropic’s plugins for Cowork which the AI player says will automate tasks across legal, sales, marketing and data analysis.
The legal space is where organisations like Thomson Reuters make much of their revenue, so it was one of the players to see an 18pc slump in its share price yesterday, according to Reuters itself, which added that its shares are now down 33pc this year alone, having dropped 22pc in 2025, as fears rise around AI disruption in the legal sector.
Other providers of legal analytics also dropped with the UK’s RELX falling 14pc and Dutch company Wolters Kluwer seeing a drop of 13pc.
And the contagion spread to other software companies and the broader market as AI fuels concerns among investors who are struggling to figure out who the winners and losers will be in the current AI-fuelled economy. According to Bloomberg, a Goldman Sachs basket of US software stocks fell 6pc yesterday – its sharpest one-day drop since the sell-off that followed the initial US tariffs announcements in April.
When Anthropic launched Cowork on 12 January, it described it as a simpler version of Claude Code for non-coding tasks. It said this new model has more agency: it can read, edit and re-organise files, taking on many of the same tasks Claude Code can, but in a more “approachable” form.
Cowork seems firmly targeted at the enterprise market with its promise to make using Claude “for work” easier. Now, the new sector-specific plugins are seen as a particular threat to existing analytics players.
Russian-state hackers wasted no time exploiting a critical Microsoft Office vulnerability that allowed them to compromise the devices inside diplomatic, maritime, and transport organizations in more than half a dozen countries, researchers said Wednesday.
The threat group, tracked under names including APT28, Fancy Bear, Sednit, Forest Blizzard, and Sofacy, pounced on the vulnerability, tracked as CVE-2026-21509, less than 48 hours after Microsoft released an urgent, unscheduled security update late last month, the researchers said. After reverse-engineering the patch, group members wrote an advanced exploit that installed one of two never-before-seen backdoor implants.
Stealth, speed, and precision
The entire campaign was designed to keep the compromise undetectable to endpoint protection. Besides being novel, the exploits and payloads were encrypted and ran in memory, making their malice hard to spot. The initial phishing emails were sent from previously compromised government accounts in multiple countries and were likely familiar to the targeted recipients. Command and control channels were hosted in legitimate cloud services that are typically allow-listed inside sensitive networks.
“The use of CVE-2026-21509 demonstrates how quickly state-aligned actors can weaponize new vulnerabilities, shrinking the window for defenders to patch critical systems,” the researchers, with security firm Trellix, wrote. “The campaign’s modular infection chain—from initial phish to in-memory backdoor to secondary implants was carefully designed to leverage trusted channels (HTTPS to cloud services, legitimate email flows) and fileless techniques to hide in plain sight.”
The 72-hour spear phishing campaign began January 28 and delivered at least 29 distinct email lures to organizations in nine countries, primarily in Eastern Europe. Trellix named eight of them: Poland, Slovenia, Turkey, Greece, the UAE, Ukraine, Romania, and Bolivia. Organizations targeted were defense ministries (40 percent), transportation/logistics operators (35 percent), and diplomatic entities (25 percent).
There is concern that subscribers might be negatively affected if Netflix acquires Warner Bros. Discovery’s streaming and movie studios businesses. One of the biggest fears is that the merger would lead to higher prices due to less competition for Netflix.
During a US Senate hearing Tuesday, Netflix co-CEO Ted Sarandos suggested that the merger would have an opposite effect.
Sarandos aimed to convince the subcommittee that Netflix wouldn’t become a monopoly in streaming or in movie and TV production if regulators allowed its acquisition to close. Netflix is the largest subscription video-on-demand provider by subscribers (301.63 million as of January 2025), and Warner Bros. Discovery is the third (128 million streaming subscribers, including users of HBO Max and, to a smaller degree, Discovery+).
Speaking at the hearing, Sarandos said: “Netflix and Warner Bros. both have streaming services, but they are very complementary. In fact, 80 percent of HBO Max subscribers also subscribe to Netflix. We will give consumers more content for less.”
During the hearing, Democratic senator Amy Klobuchar of Minnesota asked Sarandos how Netflix can ensure that streaming remains “affordable” after a merger, especially after Netflix issued a price hike in January 2025 despite adding more subscribers.
Sarandos said the streaming industry is still competitive. The executive claimed that previous Netflix price hikes have come with “a lot more value” for subscribers.
“We are a one-click cancel, so if the consumer says, ‘That’s too much for what I’m getting,’ they can cancel with one click,” Sarandos said.
When pressed further on pricing, the executive argued that the merger doesn’t pose “any concentration risk” and that Netflix is working with the US Department of Justice on potential guardrails against more price hikes.
Sarandos claimed that the merger would “create more value for consumers.” However, his idea of value isn’t just about how much subscribers pay to stream but about content quality. By his calculations, which he provided without further details, Netflix subscribers spend an average of 35 cents per hour of content watched, compared to 90 cents for Paramount+.
The Netflix stat is similar to one provided by MoffettNathanson in January 2025, finding that in the prior quarter, on average, Netflix generated 34 cents in subscription fees per hour of content viewed per subscriber. At the time, the research firm said Paramount+ made an average of 76 cents per hour of content viewed per subscriber.
Downplaying Monopoly Concerns
Netflix views Warner as “both a competitor and a supplier,” Sarandos said when subcommittee chair Republican senator Mike Lee of Utah asked why Netflix wants to buy WB’s film studios, per Variety. The streaming executive claimed that Netflix’s “history is about adding more and more” content and choice.
During the hearing, Sarandos argued that streaming is a competitive business and pointed to Google, Apple, and Amazon as “deep-pocketed tech companies trying to run away with the TV business.” He tried to downplay concerns that Netflix could become a monopoly by emphasizing YouTube’s high TV viewership. Nielsen’s The Gauge tracker shows which platforms Americans use most when using their TVs (as opposed to laptops, tablets, or other devices). In December, it said that YouTube, not including YouTube TV, had more TV viewership (12.7 percent) than any other streaming video-on-demand service, including second-place Netflix (9 percent). Sarandos claimed that Netflix would have 21 percent of the streaming market if it merged with HBO Max.
Without meaningful deterrents, Big Tech companies will do what’s profitable, regardless of the cost to consumers. But a new bipartisan bill could add a check that would make them think twice, at least in one area. On Wednesday, Senators Ruben Gallego (D-AZ) and Bernie Moreno (R-OH) introduced legislation that would require social platforms to crack down on scam ads.
The Safeguarding Consumers from Advertising Misconduct (SCAM) Act would require platforms to take reasonable steps to prevent fraudulent or deceptive ads that they profit from. If they don’t, the Federal Trade Commission (FTC) and state attorneys general could take civil legal action against them.
[Photo: The bill’s sponsors, Ruben Gallego (L) and Bernie Moreno. Credit: Ruben Gallego (Bluesky) / Bernie Moreno]
The backdrop to the SCAM Act is a Reuters report from last November. Meta reportedly estimated that up to 10 percent of its 2024 revenue came from scam ads. The company is said to have calculated that as much as $16 billion of its revenue that year was from scams, including “fraudulent e-commerce and investment schemes, illegal online casinos and the sale of banned medical products.”
Making matters worse, Meta reportedly refused to block small fraudsters until their ads had been flagged at least eight times, while bigger spenders were said to have accrued at least 500 strikes without being removed. Executives reportedly wrestled with how to get the problem under control, but only without affecting the company’s bottom line: at one point, managers were told not to take any action that could cost Meta more than 0.15 percent of its total revenue. (See what I mean about needing meaningful deterrents?)
According to the FTC, Americans’ estimated total loss from fraud in 2024 (adjusted for underreporting) was nearly $19 billion. An estimated $81.5 billion of that came from seniors.
“If a company is making money from running ads on their site, it has a responsibility to make sure those ads aren’t fraudulent,” Sen. Gallego said in a statement. “This bipartisan bill will hold social media companies accountable and protect consumers’ money online.”
“It is critical that we protect American consumers from deceptive ads and shameless fraudsters who make millions taking advantage of legal loopholes,” Moreno added. “We can’t sit by while social media companies have business models that knowingly enable scams that target the American people.”
Plasma propulsion transforms an inert propellant – often hydrogen – into plasma, a superheated mix of ions and electrons. Magnetic fields then funnel and accelerate the plasma to extreme velocities, generating thrust.
Clayton described Lin as one of the world’s most prolific online narcotics traffickers. For at least four years, the Taiwan-born man managed a massive volume of e-commerce transactions totaling hundreds of millions of dollars. Lin launched the Incognito Market website in October 2020, exploiting the Tor browser’s anonymous network in…
The company expects AVs to unlock a ‘multitrillion-dollar’ opportunity.
Uber said it will roll out autonomous vehicles (AV) in London, Madrid, Munich, Hong Kong and a number of US cities, including in California, as the ride-hailing platform eyes leadership in robotaxi services by 2029.
The announcement came alongside a reasonably strong quarter for the company. Revenue for Q4 2025 grew by 20pc to $14.4bn, though short of analyst expectations, while its consumer base grew to more than 200m monthly users completing more than 40m trips daily.
“We enter 2026 with a rapidly growing topline, significant cash flow, and a clear path to becoming the largest facilitator of AV trips in the world,” said Uber CEO Dara Khosrowshahi. The company expects AVs to unlock a “multitrillion-dollar” opportunity.
Uber currently operates its AVs in Abu Dhabi, Dubai and Riyadh, alongside US cities Atlanta, Austin and Dallas. It reported that AV operations in Austin and Atlanta are among its fastest-growing areas in the US.
The expansion marks Uber’s full entry into Europe and Asia with its self-driving taxis. An Uber spokesperson told Bloomberg that the company will partner with previously announced technology providers.
Uber has existing partnerships with the US’s May Mobility, Lucid and Nuro, China’s Baidu and WeRide, and the UK’s Wayve to test and deploy AVs across metropolitan areas worldwide. It also works with Nvidia, which recently unveiled open-source AI models for self-driving vehicles, to develop the technology behind its robotaxis.
Uber benefits from its established identity as a ride-hailing service provider, but it faces competition in the AV space. Earlier this week, self-driving car company Waymo announced a $16bn funding round, taking it to a $126bn valuation. It plans to grow its services within the US and expand internationally to 20 new cities, including London and Tokyo.
Meanwhile, Tesla reported a quarterly revenue drop of 3pc, the first time it has ever reported a revenue decline. The company has been slow to experiment with self-driving taxis, launching a pilot service in Austin last year complete with human safety supervisors. Last month, the company said that it had removed some of the supervisors from its Austin fleet.