ZDNet

ServiceNow releases guidance on Access Control List misconfigurations after report highlights prevalence

ServiceNow has published guidance for its customers related to Access Control List (ACL) misconfigurations after an AppOmni security report found that 70% of the instances they tested had the issue.
The Hacker News

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

ServiceNow fixed CVE-2025-12420, a critical flaw that let unauthenticated attackers impersonate users on its AI Platform.
Dark Reading

'Most Severe AI Vulnerability to Date' Hits ServiceNow

ServiceNow tacked agentic AI onto a largely unguarded legacy chatbot, exposing customers' data and connected systems.
Security Boulevard

Agents Aren’t People: What the ServiceNow Vulnerability Reveals About Agentic AI Access Control

Enterprise security teams are beginning to encounter a category of access failure that feels unfamiliar only because its consequences arrive faster than expected.  Systems that once required multiple ...