Attackers are exploiting the recently patched JetBrains TeamCity auth bypass vulnerability (CVE-2024-27198) to deliver ransomware, cryptominers and remote access trojans (RATs), according to Trend Micro researchers. The CVE-2024-27198 timeline CVE-2024-27198, an authentication bypass vulnerability affecting the TeamCity server, has been disclosed and fixed in early March, along with CVE-2024-27199 – a directory traversal vulnerability in the same instance. Several proof-of-concept (PoC) exploits have since been published, and analysts started seeing massive exploitation of CVE-2024-27198 soon … More

The post Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware appeared first on Help Net Security.