Russian state-sponsored hackers have been exploiting CVE-2023-42793 to target unpatched, internet-facing JetBrains TeamCity servers since September 2023, US, UK and Polish cybersecurity and law enforcement authorities have warned.
The targets
APT 29 (aka CozyBear, aka Midnight Blizzard), believed to be associated with the Russian Foreign Intelligence Service (SVR), has been active since 2013.