CSO Online

ServiceNow fixes API issue after reports of suspicious tenant activity

ServiceNow says security researchers were behind activity linked to a newly patched authentication flaw, but the company ...
techtimes

ServiceNow Data Breach: Gated Advisory Left Customers Unaware of Exploited Zero-Auth API

Enterprise security teams are auditing logs and rotating credentials this week after ServiceNow confirmed that attackers successfully queried sensitive customer instance data through an ...

Critical UniFi OS bug lets hackers gain root without authentication

Attackers can chain three already fixed vulnerabilities in the Ubiquiti UniFi OS server to execute remote code with root ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

New GitHub Zero-Day Exposed Developer Tokens to Attackers

A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and ...