Author: AppOmni Security Experts
-
What SaaS Security ROI Looks Like in Practice
Security leaders are under pressure to prove ROI for SaaS security. We outline how buyers can use ROI to evaluate impact.
-
Grubhub Confirmed as Latest Victim of Salesforce Data Breaches
We’re seeing the ‘long tail’ of a campaign where the actor’s initial breach yielded a large cache of OAuth integration tokens.
-
ServiceNow BodySnatcher flaw highlights risks of rushed AI integrations
The vulnerability, dubbed BodySnatcher by researchers from AppOmni who found it, impacts the Now Assist AI Agents and Virtual Agent API applications.
-
How Has the “Groundbreaking” BodySnatcher Vulnerability Affected ServiceNow AI Agents?
BodySnatcher was identified in October 2025 by SaaS security firm AppOmni.
-
In Other News: FortiSIEM Flaw Exploited, Sean Plankey Renominated, Russia’s Polish Grid Attack
BodySnatcher is an agentic AI hijacking vulnerability affecting ServiceNow, discovered by AppOmni and fixed by ServiceNow in October 2025.
-
News brief: Security flaws put thousands of systems at risk
Aaron Costello, chief of security research at AppOmni, highlighted the exploit’s severity, calling it the most severe AI-driven vulnerability to date.
-
Breach Roundup: Software Update Caused Verizon Outage
AppOmni, which disclosed the issue, said the flaw lets an attacker use only a victim’s email address to spoof identity.
-
BodySnatcher flaw lets attackers take over ServiceNow’s AI agents
“Attackers could have effectively ‘remote controlled’ an organization’s AI, weaponizing the very tools meant to simplify the enterprise,” says Costello.
-
ServiceNow patches critical security flaw which could allow user impersonation
AppOmni, who discovered the flaw, dubbed it “BodySnatcher”.
-
ServiceNow patches critical AI platform flaw that could allow user impersonation
AppOmni’s research, which led to the vulnerability discovery, also revealed that default settings in ServiceNow’s Now Assist platform could enable second-order prompt…
