The Hacker News

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

ServiceNow fixed CVE-2025-12420, a critical flaw that let unauthenticated attackers impersonate users on its AI Platform.
Dark Reading

'Most Severe AI Vulnerability to Date' Hits ServiceNow

ServiceNow tacked agentic AI onto a largely unguarded legacy chatbot, exposing customers' data and connected systems.
CSO Online

ServiceNow BodySnatcher flaw highlights risks of rushed AI integrations

A vulnerability that impacts Now Assist AI Agents and Virtual Agent API applications could be exploited to create backdoor ...