The Hacker News

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

ServiceNow fixed CVE-2025-12420, a critical flaw that let unauthenticated attackers impersonate users on its AI Platform.
CSO Online

ServiceNow BodySnatcher flaw highlights risks of rushed AI integrations

A vulnerability that impacts Now Assist AI Agents and Virtual Agent API applications could be exploited to create backdoor ...

ServiceNow patches critical security flaw allowing user impersonation

It is the most severe AI-driven vulnerability ever found, researchers say ...
Security

ArmorCode announces ServiceNow Vulnerability Response integration

ArmorCode today announced the launch of two new apps in the ServiceNow Store. This integration strengthens vulnerability management programs by harnessing AI-powered correlation and remediation to ...
Yahoo

Several ServiceNow flaws are being linked together to attack companies and organizations

Hackers have been seen linking multiple ServiceNow vulnerabilities to target companies and organizations, and steal user login credentials. Cybersecurity researchers from Resecurity spotted an input ...
CRN

VMware, ServiceNow, Acronis Vulnerabilities Exploited: 5 Things To Know

New disclosures Monday pointed to attacks exploiting vulnerabilities in the three vendors’ platforms. New disclosures Monday revealed attacks exploiting vulnerabilities in widely used platforms from ...
Business Insider

Bishop Fox Announces Cosmos Integration with ServiceNow to Streamline Vulnerability Management and Accelerate Remediation

PHOENIX, Oct. 01, 2024 (GLOBE NEWSWIRE) -- Bishop Fox, the leading authority in offensive security, today announced Cosmos for ServiceNow, developed in partnership with ServiceNow to enable customers ...
Security Boulevard

Agents Aren’t People: What the ServiceNow Vulnerability Reveals About Agentic AI Access Control

Enterprise security teams are beginning to encounter a category of access failure that feels unfamiliar only because its consequences arrive faster than expected.  Systems that once required multiple ...
Opinion
Security BoulevardOpinion

We’re Moving Too Fast: Why AI’s Race to Market Is a Security Disaster

The recently disclosed ServiceNow vulnerability should terrify every CISO in America. CVE-2025-12420, dubbed “BodySnatcher,” represents everything wrong ...
Security

Censys announces ServiceNow integration

This extended partnership between Censys and ServiceNow highlights the importance of visibility from organizations’ external attack surfaces into their security ecosystem. Building on Censys’ ...