The Hacker News

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

ServiceNow fixed CVE-2025-12420, a critical flaw that let unauthenticated attackers impersonate users on its AI Platform.
The Hacker News

AI Agents Are Becoming Authorization Bypass Paths

Enterprise AI agents boost automation but often run with broad permissions, allowing actions beyond user access and weakening ...

ConsentFix debrief: Insights from the new OAuth phishing attack

ConsentFix is an OAuth phishing technique abusing browser-based authorization flows to hijack Microsoft accounts. Push ...
The Caledonian-Record

authID Announces Integration with ServiceNow to Deliver Secure, Frictionless Identity ...

New integration empowers organizations to protect accounts, reduce fraud, and enhance trust across ServiceNow-powered contact centers ...
CSO Online

CrowdStrike to acquire SGNL for $740M, expanding real-time identity security

The acquisition brings SGNL’s real-time, risk-aware authorization to CrowdStrike’s platform as machine identities and AI ...

ServiceNow patches critical security flaw allowing user impersonation

ServiceNow, one of the most popular cloud platforms for automating IT and business workflows, has said it recently patched a ...