Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

ServiceNow hit by network compromise

Incident
First reported
Last updated
Happening score
H score 25
1 unique sources, 1 articles

Summary

Hide ▲

ServiceNow disclosed an unauthorized access incident affecting hosted customer instances, with evidence that attackers made successful queries of instance tables against a subset of customers. The company said it applied a security update on June 5, 2026 after a flaw could let unauthenticated users gain greater access than intended. Impacted customers were notified, and the issue affected systems on the Australia platform release or certain earlier configurations. The activity shows real compromise of instance data access rather than a purely theoretical risk.

Related Happenings

ServiceNow hosted customer instances unauthenticated access security flaw

Vulnerability
H score6 First: 10.06.2026 10:02 Last: 10.06.2026 10:02 Sources 1

How related: The update concerned a security issue that could allow an unauthenticated user, in certain circumstances, to gain greater access to ServiceNow instances than intended.

About this happening: **ServiceNow hosted customer instances** were exposed to an **unauthenticated access flaw** that let a user gain greater access than intended, and ServiceNow pushed a **June 5, 20...

Open Happening

Timeline

  1. 10.06.2026 10:02 1 articles · 2h ago

    ServiceNow applies security update to hosted customer instances

    Mitigation Patch Update

    ServiceNow applied a security update to hosted customer instances and changed endpoint configuration to restrict access to authenticated users after identifying a security issue that could let an unauthenticated user gain greater access than intended. The issue affected customers on the Australia platform release or certain configurations on releases prior to Australia.

    Show sources
    Open in new tab
  2. 10.06.2026 10:02 2 articles · 2h ago

    ServiceNow discloses unauthorized access to customer instance tables

    Initial Disclosure

    ServiceNow disclosed a security incident involving unknown threat actors who exploited a flaw to gain deeper unauthorized access to hosted customer instances. The company detected anomalous activity, observed successful queries of instance tables against a subset of customers, and notified impacted customers.

    Show sources
    Open in new tab