jetbrains
Safeguard articles tagged "jetbrains" — guides, analysis, and best practices for software supply chain and application security.
6 articles
JetBrains Plugin Security in 2026
JetBrains IDEs have a smaller plugin ecosystem than VS Code, but the security model is similar and the risks rhyme. Here is what to watch in 2026.
TeamCity Authentication Bypass Exploited by Nation-State ...
A critical TeamCity authentication bypass, CVE-2023-42793, let APT29 and North Korean hackers seize build servers for supply chain attacks.
TeamCity Authentication Bypass Enabling Admin Account Cre...
CVE-2024-27198 lets unauthenticated attackers bypass TeamCity login and create admin accounts, with active exploitation and ransomware activity observed.
How Snyk's JetBrains plugin family supports IntelliJ, PyC...
A mechanical look at how Snyk ships one JetBrains plugin across IntelliJ, PyCharm, WebStorm, GoLand, and Rider using a shared platform and backend scan engine.
JetBrains TeamCity CVE-2023-42793: When Your Build Server Becomes the Attack Vector
A critical authentication bypass in TeamCity allowed unauthenticated attackers to gain admin access to CI/CD servers. State-sponsored groups exploited it to compromise software supply chains.
JetBrains Plugin Security Verification: Protecting Your IDE
IDE plugins run with the same privileges as your IDE. A malicious IntelliJ plugin has access to your source code, credentials, and development environment.