"Ransomware Gangs Exploit Critical JetBrains TeamCity Vulnerability"
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of an actively exploited critical security flaw in JetBrains TeamCity On-Premises software, allowing for complete compromise of a server by a remote unauthenticated attacker. The vulnerability, tracked as CVE-2024-27198, has been used by threat actors to deliver ransomware and create rogue user accounts. Users are urged to apply updates immediately, with federal agencies required to patch their instances by March 28, 2024.