US, UK Warn: Russian APT29 (Cozy Bear) Hackers Exploiting Unpatched Zimbra, TeamCity Servers Globally

US and UK government agencies have jointly issued a fresh cybersecurity advisory warning that Russian government hackers are targeting unpatched vulnerabilities in software systems. The National Cyber Security Centre (NCSC), along with US agencies including the FBI and NSA, identified the hacking group as APT29, also known as Cozy Bear or Russia's Foreign Intelligence Service (SVR). The advisory details the latest online tactics used by these hackers, who are exploiting unpatched vulnerabilities in platforms such as Zimbra and TeamCity servers, and are actively scanning for weaknesses in organizations' networks. This wave of Cozy Bear activity is targeting U.S. and global organizations. The agencies urge organizations globally to promptly apply security updates to mitigate the risk of compromise.