Russian Foreign Intelligence Service (SVR) Cyber Actors Use JetBrains TeamCity CVE in Global Targeting
ID: 0c2c9b56-d6a2-5e8e-aaee-21e31ede4875
STIX ID: report--0c2c9b56-d6a2-5e8e-aaee-21e31ede4875
Feed Name: CERT Polska
**Executive Summary:** US and allied agencies report that Russian SVR (APT29/CozyBear) actors have been exploiting CVE-2023-42793 in JetBrains TeamCity at scale since September 2023, targeting build servers to access source code, signing certificates, and software build pipelines. The actors have escalated privileges, moved laterally, deployed backdoors, and maintained persistent access, creating significant software supply-chain risk; agencies disrupted the campaign, published IOCs, and advise affected organizations to assume compromise and initiate threat hunting and incident response.
