JetBrains TeamCity Compromised: North Korea and Russia Target High-Value Supply Chain Links

2023-12-29 Checkmarx

https://medium.com/checkmarx-security/jetbrains-teamcity-compromised-north-korea-and-russia-target-high-value-supply-chain-links-a057379d3bd2

Checkmarx describes exploitation of CVE-2023-42793 in Internet-exposed JetBrains TeamCity servers by separate groups tied in the report to North Korea and Russia. The article frames the TeamCity activity as part of a broader software supply-chain trend, citing Lazarus Group’s 3CX compromise through trojanized X_TRADER software and Diamond Sleet’s hijacking of a signed CyberLink installer hosted on legitimate update infrastructure. For TeamCity, the reported attack path involved authorization bypass and arbitrary code execution, followed by privilege escalation, lateral movement, stealth through legitimate administrative tools, and deployment of payloads for exfiltration and backdoor access. The affected organizations included software providers, game companies, hosting and IT firms, and an energy trade association across multiple regions. The report highlights the importance of quickly patching CI/CD infrastructure because compromised build and update systems can give threat actors broad downstream reach.
