TeamCity auth bypass enabling complete CI/CD pipeline takeover — exploited by Lazarus Group (North Korea) and COZY BEAR (Russia) for software supply chain attacks and intellectual property theft. Update to version 2023.05.4 immediately.
TeamCity server authentication bypass allowing unauthenticated attackers to execute RCE or steal build configurations, CI tokens, and source code.
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →