{"vulnerability": "CVE-2025-26399", "sightings": [{"uuid": "fc8178f3-2515-4870-9f0a-e283b73404ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/davidi99.bsky.social/post/3lzttmbjtxd2w", "content": "", "creation_timestamp": "2025-09-27T20:39:06.865086Z"}, {"uuid": "80fa475d-0edf-46a3-8a9a-2260b2e7f0b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-26399", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3lziaqufq2c2d", "content": "", "creation_timestamp": "2025-09-23T06:02:18.862744Z"}, {"uuid": "15f0b681-7bb3-4f35-8ff7-939a908eed26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-26399", "type": "seen", "source": "https://infosec.exchange/users/defendopsdiaries/statuses/115253972092832952", "content": "", "creation_timestamp": "2025-09-23T14:00:49.275549Z"}, {"uuid": "0fb5c2e1-0d84-490d-bf4f-ede03af346f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lzinp2ye3c2b", "content": "", "creation_timestamp": "2025-09-23T09:53:56.839633Z"}, {"uuid": "a3f640ef-91db-4639-9169-fa693ff8f453", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3lzj3po2e222l", "content": "", "creation_timestamp": "2025-09-23T14:04:49.091644Z"}, {"uuid": "42dce944-432c-44f7-9174-9b5ba47f32d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/infosecindustry.bsky.social/post/3lzjerbr2ua2a", "content": "", "creation_timestamp": "2025-09-23T16:46:47.112879Z"}, {"uuid": "b4de8369-82cf-40b0-a42f-901ea5b42d73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/infosecindustry.bsky.social/post/3lzizsscv6l2o", "content": "", "creation_timestamp": "2025-09-23T13:30:46.847276Z"}, {"uuid": "828b8fda-af7c-484b-a34d-5f38584c0884", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lzj2brmlbg2b", "content": "", "creation_timestamp": "2025-09-23T13:39:09.920285Z"}, {"uuid": "028b46b0-8294-42e2-b5e2-a467575002be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lzj2uwit6ns2", "content": "", "creation_timestamp": "2025-09-23T13:49:56.425062Z"}, {"uuid": "bd4baf76-b26d-4bcc-b339-0aa66b2b6858", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/brooklyn305.bsky.social/post/3lzj3cnui622t", "content": "", "creation_timestamp": "2025-09-23T13:57:34.205460Z"}, {"uuid": "0f02882f-803c-4b99-82cf-38b6005dd4e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://gist.github.com/Darkcrai86/db3c374d3d3b7ce872319cce351bc7a7", "content": "", "creation_timestamp": "2025-09-23T16:59:31.000000Z"}, {"uuid": "9e07453b-945b-4315-9a42-85f9814f8ff6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3lzjgzycbmb2r", "content": "", "creation_timestamp": "2025-09-23T17:27:27.182584Z"}, {"uuid": "c71ad935-f3c3-4990-ac5a-202adcd9cdc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/smartermsp.bsky.social/post/3m232fefhfp2y", "content": "", "creation_timestamp": "2025-09-30T17:29:04.888538Z"}, {"uuid": "0b934331-a0ab-433a-a790-3a9e3e50369c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lzjiejwmp342", "content": "", "creation_timestamp": "2025-09-23T17:51:28.085694Z"}, {"uuid": "39f9bec9-7464-43e7-baa6-30126c6c4762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3lzj7totln22x", "content": "", "creation_timestamp": "2025-09-23T15:18:45.252390Z"}, {"uuid": "e3b458ea-121c-44b5-b9b5-0211b1695625", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/crowdcyber.bsky.social/post/3lzjahjg4mv2l", "content": "", "creation_timestamp": "2025-09-23T15:29:44.538055Z"}, {"uuid": "a2340a79-d7b7-4edb-ae32-420cf8db0c02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://gist.github.com/Darkcrai86/90a29de635a75c3cd24c3ba2b1c551b7", "content": "", "creation_timestamp": "2025-09-30T15:07:22.000000Z"}, {"uuid": "81a203d0-71b7-41f8-a8ec-5f703c96ef65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-906/", "content": "", "creation_timestamp": "2025-09-23T03:00:00.000000Z"}, {"uuid": "59f5ba85-d505-423b-af3d-08c476ff99d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3lzjbicf3rs2p", "content": "", "creation_timestamp": "2025-09-23T15:48:06.280545Z"}, {"uuid": "89790a3c-0af9-49e0-9a17-3a23f9164df0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://thehackernews.com/2025/09/solarwinds-releases-hotfix-for-critical.html", "content": "", "creation_timestamp": "2025-09-23T10:46:00.000000Z"}, {"uuid": "5a2d3c0d-2fa6-4082-9aca-6a1872ef841d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lzjurpwguk22", "content": "", "creation_timestamp": "2025-09-23T21:33:22.397878Z"}, {"uuid": "a1c17377-53f1-4555-8664-5c1868d1dcd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/rxerium.com/post/3lzjlevlpyw23", "content": "", "creation_timestamp": "2025-09-23T18:45:08.785037Z"}, {"uuid": "10ef85fd-93f9-4ae3-bdc2-d8c794afc58d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/115255134365690405", "content": "", "creation_timestamp": "2025-09-23T18:56:24.128853Z"}, {"uuid": "bff462f2-5633-4aea-9d56-1cf46118ac19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lzkebwq3pp2o", "content": "", "creation_timestamp": "2025-09-24T02:10:52.385696Z"}, {"uuid": "28038a3e-bc4f-4418-9da4-adc9973d968c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/opsmatters.com/post/3lzklsl3yqe2h", "content": "", "creation_timestamp": "2025-09-24T04:25:26.152804Z"}, {"uuid": "d94434d2-ff8d-4cb5-bf7e-a49e2d87eeea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mejqwvkvkx2l", "content": "", "creation_timestamp": "2026-02-10T20:01:48.456449Z"}, {"uuid": "8f6ad11c-a673-4ee6-80b2-a40da288a85a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3lzkwd3bwn52q", "content": "", "creation_timestamp": "2025-09-24T07:33:37.795325Z"}, {"uuid": "8c3315f2-978d-435f-844b-b4e57ae01f18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lzl47xi7ks27", "content": "", "creation_timestamp": "2025-09-24T09:19:16.084498Z"}, {"uuid": "5f7179e5-874c-4e2a-a87d-8358b44332a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://www.acn.gov.it/portale/w/solarwinds-web-help-desk-sfruttamento-attivo-di-vulnerabilita", "content": "", "creation_timestamp": "2026-02-12T15:00:47.000000Z"}, {"uuid": "4975c5aa-0a92-4b89-8ddf-154adef60702", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116200818148253024", "content": "", "creation_timestamp": "2026-03-09T19:16:13.724081Z"}, {"uuid": "aa9b64a7-7862-4312-9db3-6b07c82ee07f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/samilaiho.com/post/3lzkuzfa2kk22", "content": "", "creation_timestamp": "2025-09-24T07:10:18.976771Z"}, {"uuid": "1e759869-9ab1-4f19-bc9b-7281e1ba4469", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-26399", "type": "seen", "source": "https://infosec.exchange/users/threatcodex/statuses/115259589877486284", "content": "", "creation_timestamp": "2025-09-24T13:49:29.975126Z"}, {"uuid": "7b9851cc-26c9-4190-b33b-5597becefe69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/threatintel.microsoft.com/post/3megzzcefpy2w", "content": "", "creation_timestamp": "2026-02-09T18:06:13.622297Z"}, {"uuid": "6791171b-efb0-4f74-b5ca-ad411096b76e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/solarwinds-security-advisory-av25-613", "content": "", "creation_timestamp": "2026-03-09T17:48:18.000000Z"}, {"uuid": "2592befb-be75-43fe-9628-436bbc5a216f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mdj6cd76yd2i", "content": "", "creation_timestamp": "2026-01-28T21:03:04.608751Z"}, {"uuid": "637542f4-bce0-4fc4-af3b-9b31800ff4be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-26399", "type": "seen", "source": "https://infosec.exchange/users/VirusBulletin/statuses/116045601083625021", "content": "", "creation_timestamp": "2026-02-10T09:22:44.284113Z"}, {"uuid": "7dbfa1c3-bda0-49cc-b050-0501bb253d10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3men2cbbqc22w", "content": "", "creation_timestamp": "2026-02-12T03:27:19.917452Z"}, {"uuid": "202bd965-0e9e-47cd-80c8-e5152501a5f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3menbhbpbxc2w", "content": "", "creation_timestamp": "2026-02-12T05:35:20.286584Z"}, {"uuid": "a02d5b40-6362-4c08-a82c-3679719b4a30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2025-26399", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/70150c7d-d6de-447e-b47b-c24838ffd8eb", "content": "", "creation_timestamp": "2026-03-09T20:00:02.909042Z"}, {"uuid": "aa0d7799-5e1b-407e-aad5-bb3d97fe5dad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://gist.github.com/gleeda/9da2c7389bbd2afefc72018834a2010a", "content": "", "creation_timestamp": "2026-02-08T20:29:18.000000Z"}, {"uuid": "fcffc5f3-d242-4929-88e6-709a6bad03fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/hasamba72.bsky.social/post/3mej67gok5w2m", "content": "", "creation_timestamp": "2026-02-10T14:26:33.906871Z"}, {"uuid": "236b7985-5c9e-44a2-9bd1-d856950d247b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/actualite/CERTFR-2026-ACT-011/", "content": "", "creation_timestamp": "2026-03-16T00:00:00.000000Z"}, {"uuid": "4083ef3b-9a5e-4e39-8b29-7953b8dbc116", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://www.acn.gov.it/portale/w/vulnerabilita-in-solarwinds-1", "content": "", "creation_timestamp": "2025-09-23T10:49:04.000000Z"}, {"uuid": "fa36c495-7226-4f05-8fb6-6a2e94c81673", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-df887e70-aaa85e643f2fa245", "content": "", "creation_timestamp": "2026-03-13T15:12:35.384085Z"}, {"uuid": "8e8f843c-ec76-470c-9d36-68ab6d8d7b2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mhbup66jae27", "content": "", "creation_timestamp": "2026-03-17T21:03:21.426852Z"}, {"uuid": "4a0e9a1d-2dc8-467f-9d08-c66e99b24429", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://www.cisa.gov/news-events/alerts/2026/03/09/cisa-adds-three-known-exploited-vulnerabilities-catalog", "content": "", "creation_timestamp": "2026-03-09T12:00:00.000000Z"}, {"uuid": "20f91f89-e06e-4dda-8a50-5ca6070c5ce5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mjxq4rv3ie2z", "content": "", "creation_timestamp": "2026-04-21T00:30:27.489547Z"}, {"uuid": "92d31cf7-d88b-4122-a8c8-cb3079bd4ee9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "exploited", "source": "https://t.me/true_secator/8123", "content": "Ransomware Payouts King \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u044d\u043c\u0443\u043b\u044f\u0442\u043e\u0440 QEMU \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0431\u044d\u043a\u0434\u043e\u0440\u0430 \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0433\u043e SSH \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0441\u043a\u0440\u044b\u0442\u044b\u0445 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0445 \u0442\u043e\u0447\u0435\u043a.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043d\u0430 \u0445\u043e\u0441\u0442\u0435 \u043d\u0435 \u043c\u043e\u0433\u0443\u0442 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0435 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0438\u0445 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u041f\u041e, \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f\u00a0\u0441\u043a\u0440\u044b\u0442\u044b\u0445 \u0442\u0443\u043d\u043d\u0435\u043b\u0435\u0439 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430\u00a0\u043f\u043e SSH.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Sophos \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0434\u0432\u0435 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u0432 \u0445\u043e\u0434\u0435 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 QEMU \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0447\u0430\u0441\u0442\u0438 \u0441\u0432\u043e\u0435\u0433\u043e \u0430\u0440\u0441\u0435\u043d\u0430\u043b\u0430 \u0434\u043b\u044f \u0441\u0431\u043e\u0440\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0434\u043e\u043c\u0435\u043d\u0430.\n\n\u041e\u0434\u043d\u0430 \u0438\u0437 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0439, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a STAC4713, \u0431\u044b\u043b\u0430 \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u043d\u043e\u044f\u0431\u0440\u0435 2025 \u0433\u043e\u0434\u0430 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 Payouts King. \u0414\u0440\u0443\u0433\u0430\u044f, STAC3725, \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430 \u0438 \u043f\u043e\u043b\u0430\u0433\u0430\u043b\u0430\u0441\u044c \u043d\u0430 CitrixBleed 2 (CVE\u20112025\u20115777) \u0432 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430\u0445 NetScaler ADC \u0438 Gateway.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438, \u0441\u0442\u043e\u044f\u0449\u0438\u0435 \u0437\u0430 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0435\u0439 STAC4713, \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u0433\u0440\u0443\u043f\u043f\u043e\u0439 \u0443\u0433\u0440\u043e\u0437 GOLD ENCOUNTER, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u043a\u0430\u043a \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u044b \u0438 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u0434\u043b\u044f \u0441\u0440\u0435\u0434 VMware \u0438 ESXi.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Sophos, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u043b \u0437\u0430\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0437\u0430\u0434\u0430\u0447\u0443 \u0441 \u0438\u043c\u0435\u043d\u0435\u043c TPMProfiler \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0441\u043a\u0440\u044b\u0442\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b QEMU \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0444\u0430\u0439\u043b\u044b \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0438\u0441\u043a\u043e\u0432, \u0437\u0430\u043c\u0430\u0441\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043f\u043e\u0434 \u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 DLL-\u0444\u0430\u0439\u043b\u044b \u0441 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u043e\u0439 \u043f\u0435\u0440\u0435\u0430\u0434\u0440\u0435\u0441\u0430\u0446\u0438\u0438 \u043f\u043e\u0440\u0442\u043e\u0432 \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0441\u043a\u0440\u044b\u0442\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u043e\u043c\u0443 \u0445\u043e\u0441\u0442\u0443 \u0447\u0435\u0440\u0435\u0437 \u043e\u0431\u0440\u0430\u0442\u043d\u044b\u0439 SSH-\u0442\u0443\u043d\u043d\u0435\u043b\u044c.\n\n\u041d\u0430 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0430 Alpine Linux 3.22.0, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0434\u043b\u044f \u0430\u0442\u0430\u043a\u0438, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a AdaptixC2, Chisel, BusyBox \u0438 Rclone.\n\n\u041f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0431\u044b\u043b \u043f\u043e\u043b\u0443\u0447\u0435\u043d \u0447\u0435\u0440\u0435\u0437 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0435 VPN-\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f SonicWall, \u0432 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a \u0432 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0430\u0441\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2025-26399 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0432\u0435\u0431-\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 SolarWinds.\n\n\u041f\u043e\u0441\u043b\u0435 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 VSS (vssuirun.exe) \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0442\u0435\u043d\u0435\u0432\u043e\u0439 \u043a\u043e\u043f\u0438\u0438, \u0430 \u0437\u0430\u0442\u0435\u043c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u043c\u0430\u043d\u0434\u044b print \u043f\u043e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0443 SMB \u0441\u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0444\u0430\u0439\u043b\u044b NTDS.dit, SAM \u0438 SYSTEM \u0432\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0438.\n\n\u0412 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0434\u0440\u0443\u0433\u0438\u0435 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u0443\u0442\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430. \u0412 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 GOLD ENCOUNTER \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 \u043d\u0435\u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0439 SSL VPN-\u0442\u0443\u043d\u043d\u0435\u043b\u044c Cisco, \u0430 \u0432 \u043c\u0430\u0440\u0442\u0435, \u0432\u044b\u0434\u0430\u0432\u0430\u044f \u0441\u0435\u0431\u044f \u0437\u0430 \u0418\u0422-\u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432, \u043e\u0431\u043c\u0430\u043d\u043e\u043c \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u043e\u0432 \u0447\u0435\u0440\u0435\u0437 Microsoft Teams \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c QuickAssist.\n\n\u0412 \u043e\u0431\u043e\u0438\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 \u0444\u0430\u0439\u043b ADNotificationManager.exe \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 Havoc C2 (vcruntime140_1.dll), \u0430 \u0437\u0430\u0442\u0435\u043c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e Rclone \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u0434\u0430\u043d\u043d\u044b\u0435 \u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 SFTP-\u0441\u0435\u0440\u0432\u0435\u0440.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e\u00a0\u043e\u0442\u0447\u0435\u0442\u0443 Zscaler, Payouts King, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u0431\u044b\u0432\u0448\u0438\u043c\u0438 \u043f\u0430\u0440\u0442\u043d\u0435\u0440\u0430\u043c\u0438 BlackBasta, \u0441\u0443\u0434\u044f \u043f\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u0438\u043c \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430: \u0440\u0430\u0441\u0441\u044b\u043b\u043a\u0430 \u0441\u043f\u0430\u043c\u0430,\u00a0\u0444\u0438\u0448\u0438\u043d\u0433 \u0432 Microsoft Teams \u0438 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u0435 Quick Assist.\n\n\u042d\u0442\u043e\u0442 \u0448\u0442\u0430\u043c\u043c \u0438\u043c\u0435\u0435\u0442 \u043c\u043e\u0449\u043d\u044b\u0435 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u043e\u0431\u0444\u0443\u0441\u043a\u0430\u0446\u0438\u0438 \u0438 \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u0430\u043d\u0430\u043b\u0438\u0437\u0430, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0435 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0437\u0430\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u0434\u0430\u0447 \u0438 \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u0435\u0442 \u0440\u0430\u0431\u043e\u0442\u0443 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043d\u0438\u0437\u043a\u043e\u0443\u0440\u043e\u0432\u043d\u0435\u0432\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0432\u044b\u0437\u043e\u0432\u044b.\n\n\u0412 \u0441\u0445\u0435\u043c\u0435 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f Payouts King \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f AES-256 (CTR) \u0441 RSA-4096 \u0438 \u043f\u0440\u0435\u0440\u044b\u0432\u0438\u0441\u0442\u044b\u043c \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0434\u043b\u044f \u0431\u043e\u043b\u044c\u0448\u0438\u0445 \u0444\u0430\u0439\u043b\u043e\u0432. \u0412 \u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u043a\u0430\u0445 \u0441 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432\u044b\u043a\u0443\u043f\u0430 \u0436\u0435\u0440\u0442\u0432\u0430\u043c \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442\u0441\u044f DLS-\u0441\u0430\u0439\u0442\u044b \u0432 \u0434\u0430\u0440\u043a\u043d\u0435\u0442\u0435.\n\n\u0412 \u0440\u0430\u043c\u043a\u0430\u0445 STAC3725 \u043f\u043e\u0441\u043b\u0435 \u0432\u0437\u043b\u043e\u043c\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 NetScaler \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043b\u0438 ZIP-\u0430\u0440\u0445\u0438\u0432 \u0441 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u0444\u0430\u0439\u043b\u043e\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u043b \u0441\u043b\u0443\u0436\u0431\u0443 AppMgmt, \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u043b \u043d\u043e\u0432\u043e\u0433\u043e \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 (CtxAppVCOMService) \u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u043b \u043a\u043b\u0438\u0435\u043d\u0442 ScreenConnect \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0433\u043e \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\nScreenConnect \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u043b\u0441\u044f \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0440\u0435\u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0446\u0438\u043e\u043d\u043d\u043e\u043c\u0443 \u0441\u0435\u0440\u0432\u0435\u0440\u0443 \u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u043b \u0441\u0435\u0441\u0441\u0438\u044e \u0441 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438, \u0437\u0430\u0442\u0435\u043c \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b \u0438 \u0440\u0430\u0441\u043f\u0430\u043a\u043e\u0432\u044b\u0432\u0430\u043b \u043f\u0430\u043a\u0435\u0442 QEMU, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u043b \u0441\u043a\u0440\u044b\u0442\u0443\u044e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443 Alpine Linux, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u043e\u0431\u0440\u0430\u0437 \u0434\u0438\u0441\u043a\u0430 .qcow2.\n\n\u0412\u043c\u0435\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0433\u043e\u0442\u043e\u0432\u043e\u0433\u043e \u043d\u0430\u0431\u043e\u0440\u0430 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0432\u0440\u0443\u0447\u043d\u0443\u044e \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u043b\u0438 \u0438 \u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Impacket, KrbRelayx, Coercer, BloodHound.py, NetExec, Kerbrute \u0438 Metasploit, \u0432\u043d\u0443\u0442\u0440\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b.\n\n\u041d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0432\u043a\u043b\u044e\u0447\u0430\u043b\u0430 \u0441\u0431\u043e\u0440 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0438\u043c\u0435\u043d \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Kerberos, \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0443 Active Directory \u0438 \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043a\u0443 \u043a \u044d\u043a\u0441\u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 FTP-\u0441\u0435\u0440\u0432\u0435\u0440\u044b.", "creation_timestamp": "2026-04-20T18:30:07.000000Z"}, {"uuid": "80128cda-e25c-4bc9-8a34-6f9b52777ad7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "exploited", "source": "https://t.me/true_secator/7893", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Huntress Security \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e\u0431 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 SolarWinds Web Help Desk (WHD) \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f Zoho ManageEngine.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043b \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0442\u0440\u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u0442\u0443\u043d\u043d\u0435\u043b\u0438 Cloudflare \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0438 Velociraptor \u0434\u043b\u044f C2. \u0412\u0441\u0435 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043e\u0431\u0449\u0435\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u043d\u0430\u0447\u0430\u0432\u0448\u0435\u0439\u0441\u044f 16 \u044f\u043d\u0432\u0430\u0440\u044f \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0435\u0439 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 SolarWinds WHD.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2025-40551, \u043a\u043e\u0442\u043e\u0440\u044b\u0435\u00a0CISA \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430\u00a0\u043a\u0430\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u0430 \u0442\u0430\u043a\u0436\u0435 CVE-2025-26399.\n\n\u041e\u0431\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043e\u0446\u0435\u043d\u043a\u0443 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f RCE \u043d\u0430 \u0445\u043e\u0441\u0442-\u043c\u0430\u0448\u0438\u043d\u0435 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0421\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Microsoft\u00a0\u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u0434\u0435\u0442\u0435\u043a\u0442\u0438\u043b\u0438 \u00ab\u043c\u043d\u043e\u0433\u043e\u044d\u0442\u0430\u043f\u043d\u043e\u0435 \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u0435, \u0432 \u0445\u043e\u0434\u0435 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0447\u0435\u0440\u0435\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b SolarWinds Web Help Desk (WHD)\u00bb, \u043d\u043e \u043d\u0435 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043e\u0431\u0435\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u041f\u043e\u043b\u0443\u0447\u0438\u0432 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b \u0430\u0433\u0435\u043d\u0442 Zoho ManageEngine Assist \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e MSI-\u0444\u0430\u0439\u043b\u0430, \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0433\u043e \u0441 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Catbox. \n\n\u0417\u0430\u0442\u0435\u043c \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u043b \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0434\u043b\u044f \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0445\u043e\u0441\u0442 \u0432 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 Zoho Assist, \u043f\u0440\u0438\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u043a \u0430\u043d\u043e\u043d\u0438\u043c\u043d\u043e\u043c\u0443 Proton Mail.\n\n\u042d\u0442\u043e\u0442 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u0440\u0443\u0447\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u0438 \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0438 Active Directory (AD), \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f Velociraptor, \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u043c\u043e\u0433\u043e \u0432 \u0432\u0438\u0434\u0435 MSI-\u0444\u0430\u0439\u043b\u0430 \u0438\u0437 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430 Supabase.\n\nVelociraptor - \u044d\u0442\u043e \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 DFIR, \u043a\u043e\u0442\u043e\u0440\u044b\u0439,\u00a0\u043a\u0430\u043a \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 Cisco Talos, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043d\u0435 \u043f\u043e \u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044e \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0441 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435\u043c ransomware.\n\n\u0412 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u044b\u0445 Huntress \u0430\u0442\u0430\u043a\u0430\u0445, \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 DFIR \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b C2, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u0441 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0447\u0435\u0440\u0435\u0437 Cloudflare Workers.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e Velociraptor, 0.73.4, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u043c\u0435\u0435\u0442 EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0445\u043e\u0441\u0442\u0443.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b Cloudflared \u0438\u0437 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043d\u0430 GitHub, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0435\u0433\u043e \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u0430\u043d\u0430\u043b\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0442\u0443\u043d\u043d\u0435\u043b\u0435\u0439 \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0440\u0435\u0437\u0435\u0440\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f C2.\n\n\u0412 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u043b\u043e\u0441\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0437\u0430\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0437\u0430\u0434\u0430\u0447\u0438 (TPMProfiler), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0431\u044d\u043a\u0434\u043e\u0440 SSH \u0447\u0435\u0440\u0435\u0437 QEMU.\n\n\u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u043b\u0438 Windows Defender \u0438 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439 \u0432 \u0440\u0435\u0435\u0441\u0442\u0440\u0435, \u0433\u0430\u0440\u0430\u043d\u0442\u0438\u0440\u0443\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u041f\u041e.\n\n\u0421\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u043c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c SolarWinds Web Help Desk \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2026.1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439, \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430\u043c \u0447\u0435\u0440\u0435\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0438 \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u0432\u0441\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u043c.\n\nHuntress \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0430\u0441\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u0430\u043c\u0438 Sigma \u0438 IOCs, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u043c\u043e\u0433\u0430\u044e\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0442\u0443\u043d\u043d\u0435\u043b\u0435\u0439 Zoho Assist, Velociraptor, Cloudflared \u0438 VS Code, \u0441\u043a\u0440\u044b\u0442\u044b\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 MSI \u0438 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 PowerShell.\n\n\u041f\u043e\u043a\u0430 \u043d\u0438 Microsoft, \u043d\u0438 Huntress \u043d\u0435 \u0441\u0432\u044f\u0437\u0430\u043b\u0438 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 \u0441 \u043a\u0430\u043a\u0438\u043c\u0438-\u043b\u0438\u0431\u043e \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u043c\u0438 \u0433\u0440\u0443\u043f\u043f\u0430\u043c\u0438 \u0443\u0433\u0440\u043e\u0437 \u0438\u043b\u0438 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u044f\u043c\u0438 \u043f\u043e \u0447\u0430\u0441\u0442\u0438 \u043c\u043e\u0442\u0438\u0432\u0430\u0446\u0438\u0438 \u0430\u043a\u0442\u043e\u0440\u0430.", "creation_timestamp": "2026-02-10T11:28:19.000000Z"}, {"uuid": "2f5e75d4-6227-4735-a0f9-10648f1fce22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://t.me/DarkWebInformer_News/8736", "content": "\ud83d\udea8 News Alert!\n\nSource: The Hacker News\nTitle: SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw\nLink: https://thehackernews.com/2025/09/solarwinds-releases-hotfix-for-critical.html", "creation_timestamp": "2025-09-23T13:23:43.000000Z"}, {"uuid": "9843dea8-eca7-41a2-96c6-d22499c08d80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "exploited", "source": "https://t.me/thehackernews/8562", "content": "\u26a0\ufe0f CISA added 3 actively exploited flaws to KEV.\n\nMost critical: SolarWinds Web Help Desk CVE-2025-26399 (CVSS 9.8) allowing remote command execution.\n\nOther KEV entries hit Omnissa Workspace One UEM and Ivanti Endpoint Manager. Federal agencies ordered to patch.\n\n\ud83d\udd17 Details \u2192 https://thehackernews.com/2026/03/cisa-flags-solarwinds-ivanti-and.html", "creation_timestamp": "2026-03-10T06:49:44.000000Z"}, {"uuid": "54ee0ade-30c8-47af-87b6-eccb4d5b83f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "exploited", "source": "https://t.me/cKure/16084", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 \u26a0\ufe0f CISA added 3 actively exploited flaws to KEV.\n\nMost critical: SolarWinds Web Help Desk CVE-2025-26399 (CVSS 9.8) allowing remote command execution.\n\nOther KEV entries hit Omnissa Workspace One UEM and Ivanti Endpoint Manager. Federal agencies ordered to patch.\n\nhttps://thehackernews.com/2026/03/cisa-flags-solarwinds-ivanti-and.html", "creation_timestamp": "2026-03-10T06:36:48.000000Z"}, {"uuid": "b43f6587-1bdb-4840-ace1-866eae22b5ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://t.me/information_security_channel/54193", "content": "SolarWinds Makes Third Attempt at Patching Exploited Vulnerability\nhttps://www.securityweek.com/solarwinds-makes-third-attempt-at-patching-exploited-vulnerability/\n\nCVE-2025-26399 is a patch bypass of CVE-2024-28988, which is a patch bypass of the exploited CVE-2024-28986.\nThe post SolarWinds Makes Third Attempt at Patching Exploited Vulnerability (https://www.securityweek.com/solarwinds-makes-third-attempt-at-patching-exploited-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2025-09-23T17:35:41.000000Z"}, {"uuid": "a4c8f296-d5ea-4edb-b892-d09e2bcc292e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "published-proof-of-concept", "source": "Telegram/jpq7xNmqEUaWbOB27zN-cWLV6GgbPqco5tf8XWR2gLt0vw", "content": "", "creation_timestamp": "2025-09-23T15:40:19.000000Z"}, {"uuid": "cbef4b68-e772-4d31-994d-0d024eaeacef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "published-proof-of-concept", "source": "Telegram/xaSCLKvICw2A_Fai0z4K07YcW5xGvEWU_BGhiwEfI4ZpI_U", "content": "", "creation_timestamp": "2025-09-23T19:00:08.000000Z"}, {"uuid": "d632c232-23a1-41fe-9961-b7883435b7a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "published-proof-of-concept", "source": "Telegram/X82p3rnDkA7YM_BIDl9KsiIi12cHfOU8iO7kJHRRnMuz9iU", "content": "", "creation_timestamp": "2025-09-23T21:00:04.000000Z"}, {"uuid": "2b60be4e-0d31-4a4c-9847-14201a4f35d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://t.me/MalaysiaHacktivistz/16356", "content": "SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw \u2013 thehackernews.com\n\nTue, 23 Sep 2025 20:46:00", "creation_timestamp": "2025-09-23T16:03:53.000000Z"}, {"uuid": "edf79586-579a-4c35-ae1c-00da54ea5736", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26399", "type": "seen", "source": "https://t.me/thehackernews/7581", "content": "\ud83d\udea8 Critical flaw in SolarWinds Web Help Desk (CVE-2025-26399, CVSS 9.8) lets attackers run code without logging in.\n\nThis is the third patch attempt\u2014after two previous \u201cfixes\u201d were bypassed.\n\nAdmins: update to 12.8.7 HF1 now.\n\nFull story \u2192 https://thehackernews.com/2025/09/solarwinds-releases-hotfix-for-critical.html", "creation_timestamp": "2025-09-23T12:48:54.000000Z"}]}