BodySnatcher (CVE-2025-12420): A Broken Authentication and Agentic Hijacking Vulnerability in ServiceNow

BodySnatcher (CVE-2025-12420) exposes a critical agentic AI security vulnerability in ServiceNow. Aaron Costello's deep dive analyzes how the interplay between the Virtual Agent API and Now Assist enabled this exploit. The post first appeared on AppOmni.

When AI Turns on Its Team: Exploiting Agent-to-Agent Discovery via Prompt Injection

Aaron Costello uncovers how second-order prompt injection turns AI agents against their own systems. He explains how attackers exploit ServiceNow’s Now Assist and offers clear guidance on securing AI collaboration. The post first appeared on AppOmni.