Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware

Attackers are exploiting the recently patched JetBrains TeamCity auth bypass vulnerability (CVE-2024-27198) to deliver ransomware, cryptominers and remote access trojans (RATs), according to Trend Micro researchers. The CVE-2024-27198 timeline CVE-2024-27198, an authentication bypass vulnerability affecting the TeamCity server, has been disclosed and fixed in early March, along with CVE-2024-27199 – a directory traversal vulnerability in the same instance. Several proof-of-concept (PoC) exploits have since been published, and analysts started seeing massive exploitation of CVE-2024-27198 soon … More →

The post …

access attackers auth authentication authentication bypass bypass bypass vulnerability cryptominers cve cve-2024-27198 don't miss exploit exploiting flaw hot stuff jetbrains jetbrains teamcity malware march micro ransomware rats remote access remote access trojan remote access trojans researchers server teamcity timeline trend trend micro trojans vulnerability