Bleeping Computer

New ServiceNow flaw lets attackers enumerate restricted data

A new vulnerability in ServiceNow, dubbed Count(er) Strike, allows low-privileged users to extract sensitive data from tables to which they should not have access. ServiceNow is a cloud-based platform ...
Bleeping Computer

ServiceNow discloses security incident exposing customer data

Update 6/10/26: Added details below from a new ServiceNow advisory regarding the observed activity and bug bounty submissions. ServiceNow is warning about a security incident after attackers exploited ...
techtimes

ServiceNow Data Breach: Gated Advisory Left Customers Unaware of Exploited Zero-Auth API

Enterprise security teams are auditing logs and rotating credentials this week after ServiceNow confirmed that attackers successfully queried sensitive customer instance data through an ...