Threat Post

Most ServiceNow Instances Misconfigured, Exposed

Customers aren’t locking down access correctly, leading to ~70 percent of ServiceNow implementations tested by AppOmni being vulnerable to malicious data extraction. Nearly 70 percent of instances of ...
Diginomica

Multi-tenant or multi-instance? ServiceNow exposes the debate

Multi-tenancy and multi-instance emerged as a discussion topic at a recent ServiceNow event. Brian Sommer unpicks the arguments. In a multi-tenant cloud application, essentially all of the customers ...
Bleeping Computer

Over 1,000 ServiceNow instances found leaking corporate KB data

Over 1,000 misconfigured ServiceNow enterprise instances were found exposing Knowledge Base (KB) articles that contained sensitive corporate information to external users and potential threat actors.
CIO

ServiceNow certificate error disrupts operations for hundreds of organizations

The expired MID Server Root G2 SSL certificate caused connectivity failures across multiple services, including Orchestration, Discovery, and AI-powered functions such as Virtual Agent. Enterprise ...
Hosted on MSN

Hackers are targeting unpatched ServiceNow instances that exploit 3 separate year-old vulnerabilities

ServiceNow fixed three flaws in July 2024, but researchers from GreyNoise saw a resurgence of abuse The flaws can be used for full database access Users should patch immediately to make sure they are ...