ServiceNow Quietly Patches Flaw That Was Already Being Exploited Against Customers
ServiceNow has pushed out a fix for a security vulnerability that was actively being exploited against some of its hosted…
ServiceNow
ServiceNow Zero-Day Used to Breach Customer Instances — Patched Silently on June 5
ServiceNow customers got unwelcome news this week: unknown threat actors actively exploited an unauthenticated flaw to gain deeper access to…
ServiceNow Confirms Attackers Accessed Customer Data Through Unauthenticated API Flaw
Attackers exploited an unauthenticated API endpoint in ServiceNow to access customer instance data. The company quietly patched the flaw on June 5 after detecting anomalous activity, but not before data was queried.