The Hacker News

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

ServiceNow fixed CVE-2025-12420, a critical flaw that let unauthenticated attackers impersonate users on its AI Platform.
Dark Reading

Patch Now: ServiceNow Critical RCE Bugs Under Active Exploit

A threat actor on BreachForums is claiming to have harvested email addresses and associated hashes from more than 105 ServiceNow databases after exploiting two recently disclosed critical ...