Over 1,000 misconfigured ServiceNow enterprise instances were found exposing Knowledge Base (KB) articles that contained sensitive corporate information to external users and potential threat actors.
Update 6/10/26: Added details below from a new ServiceNow advisory regarding the observed activity and bug bounty submissions. ServiceNow is warning about a security incident after attackers exploited ...
A researcher from security vendor AppOmni uncovered more than 1,000 ServiceNow instances that have been exposing Knowledge Base data. More than 1,000 ServiceNow instances have been discovered to be ...
Cloud technology giant ServiceNow has notified some of its customers that a software bug on its platform was allowing anyone on the internet to access their data. According to a report in TechCrunch, ...
ServiceNow is used by thousands of enterprises to automate their internal processes, but says several customers had data accessed because of a security bug.
Enterprise security teams are auditing logs and rotating credentials this week after ServiceNow confirmed that attackers successfully queried sensitive customer instance data through an ...
A threat actor on BreachForums is claiming to have harvested email addresses and associated hashes from more than 105 ServiceNow databases after exploiting two recently disclosed critical ...
Multi-tenancy and multi-instance emerged as a discussion topic at a recent ServiceNow event. Brian Sommer unpicks the arguments. In a multi-tenant cloud application, essentially all of the customers ...
ServiceNow warned that a vulnerability may have been used to target customer environments, but the company has since attributed this activity to bug bounty research. The business workflow software ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results