"Ransomware Attack on JetBrains TeamCity Exposes Critical Vulnerability"
Security researchers have observed active exploit attempts using vulnerabilities in JetBrains' TeamCity, leading to ransomware deployment. The vulnerabilities are being actively exploited in the wild, with attackers breaking into CI/CD servers and creating hundreds of accounts for later use. Due to uncoordinated disclosure between JetBrains and researchers at Rapid7, all the information required for an attacker to develop a working exploit was made public on the same day the patches were released. This has sparked a debate within the cybersecurity community about the best approach to vulnerability disclosure. Users of on-prem versions of TeamCity prior to 2023.11.4 are advised to apply the patches immediately to mitigate the risk of exploitation.