{"vulnerability": "CVE-2025-27920", "sightings": [{"uuid": "f42a561a-bd81-4cba-9906-7fe7ef059e67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114536099967876264", "content": "", "creation_timestamp": "2025-05-19T19:16:30.298120Z"}, {"uuid": "0b142c33-34ab-4083-888e-3ac76e486889", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/4040098", "content": "", "creation_timestamp": "2025-05-19T19:56:22.645196Z"}, {"uuid": "1746a215-c9d4-47a2-8373-82492abf1515", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lpk5ns7czr2b", "content": "", "creation_timestamp": "2025-05-19T18:00:17.967972Z"}, {"uuid": "6ed3f42c-9fa9-4fe0-bbcd-892d3bde90e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3lplnk5is3s2w", "content": "", "creation_timestamp": "2025-05-20T08:17:30.330371Z"}, {"uuid": "dd3fc34f-d71c-437a-a221-4c53990bc551", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3lplnkafeyc2w", "content": "", "creation_timestamp": "2025-05-20T08:17:31.830338Z"}, {"uuid": "dcee8a69-67a2-4acf-9751-12b3478eee70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3lplnkflv4c2w", "content": "", "creation_timestamp": "2025-05-20T08:17:33.327237Z"}, {"uuid": "eacd6d70-1dee-4098-af2a-f02627df7579", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3logspxbc432r", "content": "", "creation_timestamp": "2025-05-05T16:41:29.012379Z"}, {"uuid": "f8696f98-29c2-4240-9615-2f8bd3965421", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3lp33bw5cxz26", "content": "", "creation_timestamp": "2025-05-13T18:07:55.099596Z"}, {"uuid": "cf71c13b-15ab-4b7f-a555-c4e731eeebac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lpmyc6ky2z2a", "content": "", "creation_timestamp": "2025-05-20T21:02:23.263783Z"}, {"uuid": "5f9fafc4-e8a7-4dc6-811c-52522e7ba9cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3loyplq2oy62w", "content": "", "creation_timestamp": "2025-05-12T19:33:20.089911Z"}, {"uuid": "b2ae3119-d537-41d5-a259-33a0404701b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://bsky.app/profile/yokoi.bsky.social/post/3loyyxzreos2e", "content": "", "creation_timestamp": "2025-05-12T22:21:19.429252Z"}, {"uuid": "bab13baa-7970-4118-b308-ad5b8e7a4682", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lp3ezqzvhe26", "content": "", "creation_timestamp": "2025-05-13T21:02:22.327601Z"}, {"uuid": "25f669e9-564d-4e76-a3e5-93ce3d2006e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://bsky.app/profile/stringsvsatoms.bsky.social/post/3lozq3x43lk2i", "content": "", "creation_timestamp": "2025-05-13T05:15:06.514944Z"}, {"uuid": "ae5186eb-bbcf-4135-ab38-99f6e2e60040", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lozzh2lpaf2h", "content": "", "creation_timestamp": "2025-05-13T08:02:21.211860Z"}, {"uuid": "04ac702a-925a-4d0a-8b86-423a6a2d8704", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lp246c4wu52e", "content": "", "creation_timestamp": "2025-05-13T08:51:07.541020Z"}, {"uuid": "dfa4f397-9bb9-4166-9dd2-65b8e2e1b487", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://bsky.app/profile/virusbtn.bsky.social/post/3lp25sp4uuc2j", "content": "", "creation_timestamp": "2025-05-13T09:20:29.745862Z"}, {"uuid": "6cb8dc53-d348-4273-9731-8af6e4c7ea13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3lp6brsb3hi2c", "content": "", "creation_timestamp": "2025-05-15T00:42:10.767562Z"}, {"uuid": "bf46fcd4-a116-4530-801b-63e7bcf3ae3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lp2ehdmmbf2p", "content": "", "creation_timestamp": "2025-05-13T11:19:22.010846Z"}, {"uuid": "9789b5e9-c7b2-4273-9b76-763dbf556470", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-47e8df00-879faa5b2ea09852", "content": "", "creation_timestamp": "2025-05-13T14:46:13.486971Z"}, {"uuid": "aa74bd9c-cf0a-4c08-bcf1-31cbb56ecce7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lp2v4o3c4426", "content": "", "creation_timestamp": "2025-05-13T16:17:37.114558Z"}, {"uuid": "59236626-a2dd-42f7-986c-20da7566af3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-29T03:12:16.000000Z"}, {"uuid": "a43aedd6-7da4-4a2c-8e62-004048bcd135", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://bsky.app/profile/insightsintothings.com/post/3lp5gmchuxs2t", "content": "", "creation_timestamp": "2025-05-14T16:35:56.399053Z"}, {"uuid": "bc721d9d-f671-46c3-9235-07f8b193ba13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-28T08:23:31.000000Z"}, {"uuid": "336ab2df-bf73-46eb-8e4c-dd85558f4a2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3lp3ya73k7pf2", "content": "", "creation_timestamp": "2025-05-14T02:46:27.898137Z"}, {"uuid": "8eaa4040-e707-4229-9964-20d06bf6124f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "MISP/853ff921-86fb-463b-bc2a-2860bf336b81", "content": "", "creation_timestamp": "2025-08-06T01:04:20.000000Z"}, {"uuid": "1ef5e0c4-36ed-4d89-b782-a5d4c9190d5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16946", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27920\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: Output Messenger before 2.0.63 was vulnerable to a directory traversal attack through improper file path handling. By using ../ sequences in parameters, attackers could access sensitive files outside the intended directory, potentially leading to configuration leakage or arbitrary file access.\n\ud83d\udccf Published: 2025-05-05T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-19T22:20:23.370Z\n\ud83d\udd17 References:\n1. https://www.srimax.com/products-2/output-messenger/\n2. https://www.outputmessenger.com/cve-2025-27920/", "creation_timestamp": "2025-05-19T22:39:45.000000Z"}, {"uuid": "79f8d15c-3c16-4332-99d7-9c8a91349f7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "MISP/853ff921-86fb-463b-bc2a-2860bf336b81", "content": "", "creation_timestamp": "2025-08-21T10:03:55.000000Z"}, {"uuid": "858624f8-4599-4dfd-85cc-bf31bf9e8d6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mea3gieerc2z", "content": "", "creation_timestamp": "2026-02-06T23:42:52.316050Z"}, {"uuid": "fe10f608-f203-4d93-ba0a-1b8d6bbf21fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2025-27920", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/1afdac08-fb5f-4d85-8fb7-8bebd7e4f42f", "content": "", "creation_timestamp": "2026-02-02T12:26:00.654117Z"}, {"uuid": "47388f8b-42a5-46b8-8c95-f4fe08ec4a98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "a40346b5-0a0c-4e58-879d-7656391613e4", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://vulnerability.circl.lu/comment/a79b754d-9252-4580-8912-42f39c854661", "content": "", "creation_timestamp": "2025-05-14T08:54:41.802843Z"}, {"uuid": "c4361114-bf44-43af-9d12-bc1bbed7f0fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "published-proof-of-concept", "source": "https://t.me/SpiderCodeCommunity1/225", "content": "Zero-Day Attack Targets Sensitive Kurdish Entities in Iraq \u2013 CVE-2025-27920 Analysis\n\nDate: May 13, 2025\nAuthor: Mohamed Ahmed Abo El-Yazid\n\n\n---\n\nDear friend,\nBefore we begin\u2014thank you for the incredible support. The better the support, the better we become together.\n\n\n---\n\nOverview of the Attack\n\nOn the morning of May 13, 2025, a cyber espionage attack targeting sensitive and critical entities in Iraq was uncovered. The threat actor behind the operation is a T\u00fcrkiye-affiliated group known as:\n\nMarbled Dust\n\nAlso known as: Cosmic Wolf, Sea Turtle, Teal Kurma, UNC1326\n\n\nThis campaign has reportedly been active since April 2024.\n\n\n---\n\nVulnerability Information\n\nThe attackers exploited a zero-day vulnerability in the enterprise communication platform Output Messenger, specifically affecting versions 2.0.62 and earlier.\n\nCVE: CVE-2025-27920\n\nType: Directory Traversal Vulnerability\n\nAffected Component: Server Manager application\n\nRisk Level (estimated): 7.5+ (pending CVSS official rating)\n\n\nTechnical Description:\n\nThis vulnerability allows authenticated remote attackers to access system files or execute unauthorized scripts by exploiting weak path validation logic inside the Output Messenger Server Manager.\n\n\n---\n\nAttack Chain Breakdown\n\n1. Initial Access:\nAttacker gains access to Output Messenger Server as an authenticated user (possibly via DNS hijacking or typosquatting to steal credentials).\n\n\n2. Exploitation:\nUsing CVE-2025-27920, the attacker drops malicious payloads in critical folders like the server startup directory and the Public/Videos folder.\n\n\n3. Payloads Used:\n\nOM.vbs: Executes other malicious files.\n\nOMServerService.vbs: Triggers the Golang backdoor.\n\nOMServerService.exe: A Golang-based backdoor.\n\nOMClientService.exe: Another Golang backdoor that runs on client devices.\n\n\n\n\n\n---\n\nObserved Impact\n\nRemote Code Execution (RCE)\n\nCredential Theft\n\nPersistence via Startup Scripts\n\nBackdoor Installation\n\nCommunication with C2 server:\napi.wordinfos[.]com\n\nInformation Disclosure\n\n\n\n---\n\nRecommended Mitigations\n\n1. Update Output Messenger to version 2.0.63 or later.\n\n\n2. Monitor outbound traffic for suspicious domains like api.wordinfos[.]com.\n\n\n3. Scan startup folders for files named OM*.vbs or OM*.exe.\n\n\n4. Audit server access logs for any unusual login activity.\n\n\n5. Apply network segmentation for critical servers.\n\n\n\n\n---\n\nWhy Iraq Was Targeted\n\nYou may wonder: what does Iraq have to do with this attack?\n\nThe answer is simple. The attack specifically targeted Kurdish individuals and entities in Iraq, likely including:\n\nMembers of the Kurdish military\n\nSecurity forces\n\nAdministrative organizations\n\n\nThis campaign was not random \u2014 it was part of a targeted cyber espionage operation aimed at Kurdish users of Output Messenger operating within Iraq.\n\n\n\nSource :\n\nhttps://thehackernews.com/2025/05/turkiye-hackers-exploited-output.html", "creation_timestamp": "2025-05-13T05:57:12.000000Z"}, {"uuid": "705804ed-ab15-41f8-9507-4d7788a1815e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "exploited", "source": "Telegram/vQlXfq_zkDIDjaOIRwbEuOP61_RVXkpHGWTmhrQUlvKSx2yd", "content": "", "creation_timestamp": "2025-09-15T16:00:59.000000Z"}, {"uuid": "34b7c400-5564-4ec1-8b25-c9b8ecd26303", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "exploited", "source": "Telegram/pIfBoPNQae3N2kDiJCGUZ_PYe0KzyAyRE0UZTvbsqGW5lkra", "content": "", "creation_timestamp": "2025-09-13T12:50:26.000000Z"}, {"uuid": "16c60b80-b227-4e3a-9643-9479a3b5a1cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://t.me/CyberBulletin/3254", "content": "\u26a1\ufe0fMicrosoft Threat Intelligence analysts who spotted these attacks also discovered the security flaw (CVE-2025-27920) in the LAN messaging application, a directory traversal vulnerability that can let authenticated attackers access sensitive files outside the intended directory or deploy malicious payloads on the server's startup folder.\n\n#CyberBulletin", "creation_timestamp": "2025-05-13T04:29:39.000000Z"}, {"uuid": "6a7995f8-c4d4-48a7-a293-b62a7d87b12a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "exploited", "source": "https://t.me/hackyourmom/11460", "content": "\ud83d\udc7e Marbled Dust, \u043f\u043e\u0432'\u044f\u0437\u0430\u043d\u0430 \u0437 \ud83c\uddf9\ud83c\uddf7 \u043a\u0456\u0431\u0435\u0440\u0443\u0433\u0440\u0443\u043f\u0443\u0432\u0430\u043d\u043d\u044f, \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u0430\u043b\u0430 \u043d\u0435\u0432\u0456\u0434\u043e\u043c\u0443 \u0440\u0430\u043d\u0456\u0448\u0435 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u0456\u0441\u0442\u044c CVE-2025-27920 \u0434\u043b\u044f \u0432\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044f \u0431\u0435\u043a\u0434\u043e\u0440\u0456\u0432 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0438, \u043f\u043e\u0432\u2019\u044f\u0437\u0430\u043d\u0456 \u0437 \u043a\u0443\u0440\u0434\u0441\u044c\u043a\u0438\u043c\u0438 \u0432\u0456\u0439\u0441\u044c\u043a\u043e\u0432\u0438\u043c\u0438 \u0432 \ud83c\uddee\ud83c\uddf6 #cybernews", "creation_timestamp": "2025-05-14T09:56:45.000000Z"}, {"uuid": "84ae0b53-cd47-4bda-9a09-4e539520244b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "exploited", "source": "https://t.me/thehackernews/6819", "content": "\ud83d\udea8 A zero-day exploit, a chat app, and a silent cyberwar.\n\nA T\u00fcrkiye-linked hacker group Marbled Dust exploited CVE-2025-27920 in India's Output Messenger\u2014targeting Kurdish military users in Iraq via a stealthy backdoor.\n\nRead details \u27a1\ufe0f https://thehackernews.com/2025/05/turkiye-hackers-exploited-output.html", "creation_timestamp": "2025-05-13T07:22:18.000000Z"}, {"uuid": "03ec38df-7f37-4477-8c0b-d80ff20ed9e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27920", "type": "seen", "source": "https://t.me/true_secator/7027", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Microsoft \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u043d\u043e\u0432\u0443\u044e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e \u0442\u0443\u0440\u0435\u0446\u043a\u043e\u0439 APT Marbled Dust, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u0443\u044e \u043d\u0430 \u043a\u0443\u0440\u0434\u0441\u043a\u0438\u0445 \u0432\u043e\u0435\u043d\u043d\u044b\u0445, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0432 \u0418\u0440\u0430\u043a\u0435.\n\n\u0414\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u0432\u043e\u0438\u0445 \u0446\u0435\u043b\u0435\u0439 \u0442\u0443\u0440\u0435\u0446\u043a\u0438\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u0441 \u0430\u043f\u0440\u0435\u043b\u044f 2024 \u0433\u043e\u0434\u0430 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438 0-day \u0432 \u0438\u043d\u0434\u0438\u0439\u0441\u043a\u043e\u0439 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 Output Messenger \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432 Golang \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b.\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0438 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u0441\u0431\u043e\u0440\u0443 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0441 \u0446\u0435\u043b\u0435\u0439 \u0432 \u0418\u0440\u0430\u043a\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u043c\u0435\u043b\u0438 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0435 \u043a\u0443\u0440\u0434\u0441\u043a\u0438\u043c \u0432\u043e\u0435\u043d\u043d\u044b\u043c, \u0447\u0442\u043e \u0432\u043f\u043e\u043b\u043d\u0435 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0440\u0430\u043d\u0435\u0435 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u044b\u043c  \u0443\u0441\u0442\u0440\u0435\u043c\u043b\u0435\u043d\u0438\u044f\u043c Marbled Dust.\n\n\u041d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u0443\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438  \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u043b\u0438 Marbled Dust (\u0440\u0430\u043d\u0435\u0435 Silicon), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430 \u043a\u0430\u043a Cosmic Wolf, Sea Turtle, Teal Kurma \u0438 UNC1326.\n\n\u0421\u0447\u0438\u0442\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u0430 \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u0441 2017 \u0433\u043e\u0434\u0430, \u043f\u0440\u0438 \u0442\u043e\u043c, \u0447\u0442\u043e \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043d\u0430 \u0411\u043b\u0438\u0436\u043d\u0435\u043c \u0412\u043e\u0441\u0442\u043e\u043a\u0435 \u0438 \u0432 \u0421\u0435\u0432\u0435\u0440\u043d\u043e\u0439 \u0410\u0444\u0440\u0438\u043a\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043b\u0438\u0448\u044c \u0441\u043f\u0443\u0441\u0442\u044f \u0434\u0432\u0430 \u0433\u043e\u0434\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c Cisco Talos.\n\n\u0412 \u043d\u0430\u0447\u0430\u043b\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430 APT \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u043b\u0430\u0441\u044c \u043d\u0430 \u0442\u0435\u043b\u0435\u043a\u043e\u043c, \u0421\u041c\u0418, \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 ISP, IT \u0438 \u043a\u0443\u0440\u0434\u0441\u043a\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u044b \u0432 \u041d\u0438\u0434\u0435\u0440\u043b\u0430\u043d\u0434\u0430\u0445.\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0430\u0442\u0430\u043a\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 0-day Output Messenger, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u043b\u0438 \u044d\u0442\u0430\u043f \u0437\u0430\u0431\u043b\u0430\u0433\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439  \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0438, \u043f\u043e \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0430\u043c \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0431\u044b\u043b \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d \u043f\u0443\u043b \u0446\u0435\u043b\u0435\u0439 \u0438\u0437 \u0447\u0438\u0441\u043b\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043c\u0435\u0441\u0441\u0435\u043d\u0434\u0436\u0435\u0440\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442 Microsoft, - CVE-2025-27920, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0440\u0441\u0438\u044e 2.0.62, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u043c \u0444\u0430\u0439\u043b\u0430\u043c \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0438\u0445.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 Srimax \u0432 \u043a\u043e\u043d\u0446\u0435 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 2.0.63. \u041e\u0434\u043d\u0430\u043a\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0432 \u0441\u0432\u043e\u0435\u043c \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0438 \u043e \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043d\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442.\n\n\u0426\u0435\u043f\u043e\u0447\u043a\u0430 \u0430\u0442\u0430\u043a \u043d\u0430\u0447\u0438\u043d\u0430\u0435\u0442\u0441\u044f \u0441 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044e Output Messenger Server Manager \u043a\u0430\u043a \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c.\n\n\u0421\u0447\u0438\u0442\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e Marbled Dust \u043f\u043e\u043b\u0430\u0433\u0430\u043b\u0430\u0441\u044c \u043d\u0430 DNS-\u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442 \u0438\u043b\u0438 \u0442\u0430\u0439\u043f\u0441\u043a\u0432\u043e\u0442\u0442\u0438\u043d\u0433 \u0434\u043e\u043c\u0435\u043d\u043e\u0432, \u0447\u0442\u043e\u0431\u044b \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u0434\u043b\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0417\u0430\u0442\u0435\u043c \u0434\u043e\u0441\u0442\u0443\u043f \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0441\u044f \u0434\u043b\u044f \u0441\u0431\u043e\u0440\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f Output Messenger \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2025-27920 \u0441 \u0446\u0435\u043b\u044c\u044e \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0445 \u043d\u0430\u0433\u0440\u0443\u0437\u043e\u043a OM.vbs \u0438 OMServerService.vbs, \u0432 \u043f\u0430\u043f\u043a\u0435 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430, \u0430 OMServerService.exe - \u0432 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0435 Users/public/videos \u0441\u0435\u0440\u0432\u0435\u0440\u0430.\n\n\u041d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u043c \u044d\u0442\u0430\u043f\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b OMServerService.vbs \u0434\u043b\u044f \u0432\u044b\u0437\u043e\u0432\u0430 OM.vbs \u0438 OMServerService.exe, \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 Golang, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0441 \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0434\u043e\u043c\u0435\u043d\u043e\u043c (api.wordinfos[.]com) \u0434\u043b\u044f \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u041d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u0430 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0449\u0438\u043a \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0435\u0442 \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u043a\u0430\u043a \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u0439 \u0444\u0430\u0439\u043b OutputMessenger.exe, \u0442\u0430\u043a \u0438 OMClientService.exe, \u0435\u0449\u0435 \u043e\u0434\u0438\u043d \u0431\u044d\u043a\u0434\u043e\u0440 Golang, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u043a \u04212 \u0434\u043e\u043c\u0435\u043d\u0443 Marbled Dust.\n\n\u042d\u0442\u043e\u0442 \u0431\u044d\u043a\u0434\u043e\u0440 \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0437\u0430\u043f\u0440\u043e\u0441\u0430 GET \u043a \u0434\u043e\u043c\u0435\u043d\u0443 C2 api.wordinfos[.]com.\n\n\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u0443\u0441\u043f\u0435\u0445\u0430 \u043d\u0430 \u0442\u043e\u0442 \u0436\u0435 C2 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0432\u0442\u043e\u0440\u043e\u0439 \u0437\u0430\u043f\u0440\u043e\u0441 GET, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 \u0438\u043c\u0435\u043d\u0438 \u0445\u043e\u0441\u0442\u0430 \u0434\u043b\u044f \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0436\u0435\u0440\u0442\u0432\u044b.\n\n\u0417\u0430\u0442\u0435\u043c \u043e\u0442\u0432\u0435\u0442 \u043e\u0442 C2 \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442\u0441\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438 Windows, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u0440\u0430\u0431\u043e\u0442\u0430 \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u0435\u0442\u0441\u044f.\n\n\u0412 \u043e\u0434\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0436\u0435\u0440\u0442\u0432\u044b \u0441 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u0438\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435\u043c Output Messenger \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u043b\u043e\u0441\u044c \u043a IP-\u0430\u0434\u0440\u0435\u0441\u0443, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0440\u0430\u043d\u0435\u0435 \u0431\u044b\u043b \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d \u043a\u0430\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 Marbled Dust \u0434\u043b\u044f \u044d\u043a\u0441\u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0438 \u0434\u0430\u043d\u043d\u044b\u0445.\n\nMicrosoft \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0432\u0442\u043e\u0440\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0438\u043d\u0433\u0430 (XSS) \u0432 \u0442\u043e\u0439 \u0436\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 (CVE-2025-27921), \u043d\u043e \u043d\u0435 \u043d\u0430\u0448\u043b\u0430 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0435\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041d\u043e\u0432\u044b\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c 0-day \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430, \u0441\u0438\u0433\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u044e\u0442 \u043e \u0437\u0430\u043c\u0435\u0442\u043d\u043e\u043c \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u0438 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0435\u0439 Marbled Dust \u0438 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0435\u043c\u044b\u0445 \u0430\u0442\u0430\u043a \u043f\u0440\u0438 \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u0438 \u0438\u0445 \u043e\u0431\u0449\u0435\u0433\u043e \u043a\u0443\u0440\u0441\u0430 \u0432 \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0435.", "creation_timestamp": "2025-05-13T16:40:05.000000Z"}]}