Bleeping Computer

Over 1,000 ServiceNow instances found leaking corporate KB data

Over 1,000 misconfigured ServiceNow enterprise instances were found exposing Knowledge Base (KB) articles that contained sensitive corporate information to external users and potential threat actors.
Dark Reading

'Most Severe AI Vulnerability to Date' Hits ServiceNow

ServiceNow tacked agentic AI onto a largely unguarded legacy chatbot, exposing customers' data and connected systems.
Threat Post

Most ServiceNow Instances Misconfigured, Exposed

Customers aren’t locking down access correctly, leading to ~70 percent of ServiceNow implementations tested by AppOmni being vulnerable to malicious data extraction. Nearly 70 percent of instances of ...
TechRadar

Hackers are targeting unpatched ServiceNow instances that exploit 3 separate year-old vulnerabilities

ServiceNow fixed three flaws in May 2024, but researchers from GreyNoise saw a resurgence of abuse The flaws can be used for full database access Users should patch immediately to make sure they are ...
Diginomica

Multi-tenant or multi-instance? ServiceNow exposes the debate

Multi-tenancy and multi-instance emerged as a discussion topic at a recent ServiceNow event. Brian Sommer unpicks the arguments. In a multi-tenant cloud application, essentially all of the customers ...