Dark Reading

Patch Now: Critical TeamCity Bug Allows for Server Takeovers

JetBrains has patched a critical security vulnerability in its TeamCity On-Premises server that can allow unauthenticated remote attackers to gain control over an affected server and use it to perform ...
Bleeping Computer

Exploit available for new critical TeamCity auth bypass bug, patch now

A critical vulnerability (CVE-2024-27198) in the TeamCity On-Premises CI/CD solution from JetBrains can let a remote unauthenticated attacker take control of the server with administrative permissions ...
Bleeping Computer

CISA: Russian hackers target TeamCity servers since September

CISA and partner cybersecurity agencies and intelligence services warned that the APT29 hacking group linked to Russia's Foreign Intelligence Service (SVR) has been targeting unpatched TeamCity ...
Dark Reading

JetBrains TeamCity Mass Exploitation Underway, Rogue Accounts Thrive

Attacks targeting two security vulnerabilities in the TeamCity CI/CD platform have begun in earnest just days after its developer, JetBrains, disclosed the flaws on March 3. The attacks include at ...
CSOonline

TeamCity supply chain bugs receive massive exploitation

The TeamCity on-premises bugs that received patches on Monday have already been used by hackers to generate unauthorized admin accounts at a massive scale, according to the threat search engine LeakIX ...
Infosecurity-magazine.com

Hundreds of Rogue Users Added to Unpatched TeamCity Servers

Security experts have warned that threat actors are now exploiting a critical TeamCity vulnerability en masse, creating hundreds of new user accounts on compromised servers. TeamCity is a popular ...