PatchNow: ServiceNow Critical RCE Bugs Under Active Exploit
July 29, 2024 at 04:55PM A threat actor claims to have acquired email addresses and hashes from over 105 breached ServiceNow databases by exploiting two critical vulnerabilities, CVE-2024-4879 and CVE-2024-5217. The U.S. CISA has added the bugs to its exploited vulnerabilities catalog, and attacks are expected to escalate. ServiceNow has issued hotfixes for the flaws. … Read more