In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-317a
https://securityaffairs.com/169708/apt/apt29-target-zimbra-and-jetbrains-teamcity.html
https://www.theregister.com/2024/10/12/russia_is_targeting_you_for/
https://thehackernews.com/2024/10/cisa-warns-of-threat-actors-exploiting.html
https://www.ic3.gov/Media/News/2024/241010.pdf
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-207a
https://www.cert.ssi.gouv.fr/uploads/CERTFR-2024-CTI-006.pdf
https://services.google.com/fh/files/misc/m-trends-2024.pdf
https://thehackernews.com/2024/03/bianlian-threat-actors-exploiting.html
https://www.guidepointsecurity.com/blog/bianlian-gos-for-powershell-after-teamcity-exploitation/
https://thehackernews.com/2023/12/russian-svr-linked-apt29-targets.html
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-347a
https://www.sonarsource.com/blog/teamcity-vulnerability/
https://www.securityweek.com/recently-patched-teamcity-vulnerability-exploited-to-hack-servers/
https://www.jetbrains.com/privacy-security/issues-fixed/
https://blog.jetbrains.com/teamcity/2023/09/cve-2023-42793-vulnerability-post-mortem/