Dark Reading

'Most Severe AI Vulnerability to Date' Hits ServiceNow

ServiceNow tacked agentic AI onto a largely unguarded legacy chatbot, exposing customers' data and connected systems.
The Hacker News

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

ServiceNow fixed CVE-2025-12420, a critical flaw that let unauthenticated attackers impersonate users on its AI Platform.

ServiceNow patches critical security flaw allowing user impersonation

This issue [...] could enable an unauthenticated user to impersonate another user and perform the operations that the ...
CSO Online

ServiceNow BodySnatcher flaw highlights risks of rushed AI integrations

A vulnerability that impacts Now Assist AI Agents and Virtual Agent API applications could be exploited to create backdoor ...
Bleeping Computer

New ServiceNow flaw lets attackers enumerate restricted data

A new vulnerability in ServiceNow, dubbed Count(er) Strike, allows low-privileged users to extract sensitive data from tables to which they should not have access. ServiceNow is a cloud-based platform ...
Security

ArmorCode announces ServiceNow Vulnerability Response integration

This integration strengthens vulnerability management programs by harnessing AI-powered correlation and remediation. ArmorCode today announced the launch of two new apps in the ServiceNow Store. This ...
Business Wire

ArmorCode Announces ServiceNow Vulnerability Response Integration and Apps Now Available in Store

PALO ALTO, Calif.--(BUSINESS WIRE)--ArmorCode, the leader in AI-powered Application Security Posture Management (ASPM), today announced the launch of two new apps in the ServiceNow Store. This ...