"North Korean Hackers Exploiting Recent TeamCity Vulnerability"
"North Korean Hackers Exploiting Recent TeamCity Vulnerability"
According to Microsoft, multiple North Korean threat actors have been observed exploiting a recent vulnerability in JetBrains’ TeamCity continuous integration and continuous deployment (CI/CD) server. Tracked as CVE-2023-42793, the critical severity flaw allows unauthenticated attackers to execute code remotely on vulnerable on-premises TeamCity instances and gain administrator-level permissions. JetBrains released patches for the bug on September 21, with the first in-the-wild exploitation attempts reported only one week later.