TheFireofKnowing

‼️ New Research Drop ‼️ I’m excited to share my latest @AppOmniSecurity Labs research: a CVSS 9.3 critical vulnerability in #ServiceNow’s AI platform. It's dubbed "BodySnatcher" (CVE-2025-12420) because of its novel exploit path: it allowed an unauthenticated attacker to impersonate any user on the platform and execute powerful out-of-the-box (OOB) AI agents with the victim's permissions. The result? Complete platform takeover. Read my write-up here for the juicy technical details: appomni.com/ao-labs/bodysn… #cybersecurity #ai #saas #vulnerability