⛓ Supply Chain
National Payments Corporation of India (NPCI) Third-Party Breach (August 2024)
Incident Details
Ransomware attack on Indian payment system traced back to Jenkins bug. Researchers at Juniper Networks analyzed the recent breach of the National Payments Corporation of India (NPCI) and found that the damaging ransomware attack on a digital payment system used by many of India's banks began with a vulnerability in Jenkins, a widely used open-source automation system for software developers. Juniper Networks published a study this week analyzing how the attackers abused CVE-2024-23897, a vulnerability in the Jenkins Command Line Interface, which helps developers interact with the system.
Third-party company: C-Edge Technologies Ltd.
Technical Details
- Initial Attack Vector: Compromise of third-party service provider / vendor relationship
- Vendor / Product: C-Edge Technologies Ltd
- Supply Chain Attack: ✅ Confirmed third-party / vendor compromise
Timeline
- 2024-08-01 Breach occurred
- 2024-08-16 Publicly disclosed