TeamCity auth bypass enabling complete CI/CD pipeline takeover — exploited by Lazarus Group (North Korea) and COZY BEAR (Russia) for software supply chain attacks and intellectual property theft. Update to version 2023.05.4 immediately.
TeamCity server authentication bypass allowing unauthenticated attackers to execute RCE or steal build configurations, CI tokens, and source code.
Exploit-DB.ai delivers real-time AI-triaged zero-day alerts directly to your inbox.
Activate Supernova →