{"vulnerability": "CVE-2025-6894", "sightings": [{"uuid": "1cf34d49-cbb1-4bf1-8b4b-8cc6d1b8c42b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-68940", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mauhov22bm2x", "content": "", "creation_timestamp": "2025-12-26T04:34:46.609072Z"}, {"uuid": "fde6710c-a580-4bbc-a2c7-456ea2e0c19d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-68947", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3me7siiyeik2c", "content": "", "creation_timestamp": "2026-02-06T21:02:58.534465Z"}, {"uuid": "23065ec7-fa86-4034-9fc1-ecd719b4b3fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-6894", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/115389765944283292", "content": "", "creation_timestamp": "2025-10-17T13:34:59.307309Z"}, {"uuid": "e73416bf-5130-498f-af0d-43a5f022295b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-68948", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mawrj5og3l22", "content": "", "creation_timestamp": "2025-12-27T02:35:50.752334Z"}, {"uuid": "6b20d3f7-a2b5-493b-bf00-c833baabd5db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-68942", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mauhwudxb32g", "content": "", "creation_timestamp": "2025-12-26T04:39:14.167061Z"}, {"uuid": "0cc58815-280c-4324-b09c-786cc412e3f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-68943", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mauisc3sqs22", "content": "", "creation_timestamp": "2025-12-26T04:54:36.490320Z"}, {"uuid": "5ec394c8-d8ce-4902-9e76-fc95c030e2d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-68941", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mauizxno7l2x", "content": "", "creation_timestamp": "2025-12-26T04:58:51.744820Z"}, {"uuid": "7c68284d-4441-439b-b84a-e517d5a8bc8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-68944", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3maujcw2oyg2o", "content": "", "creation_timestamp": "2025-12-26T05:03:52.300749Z"}, {"uuid": "382245be-131b-48ab-95b3-6d93052b5a4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-68947", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mcg2r5k6yw2g", "content": "", "creation_timestamp": "2026-01-14T21:56:31.530444Z"}, {"uuid": "fcb53f3f-1c53-43d7-ae92-be2ac063426b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-68947", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mcdj3hxcph2g", "content": "", "creation_timestamp": "2026-01-13T21:34:50.294907Z"}, {"uuid": "fd723d25-2f6c-4aeb-9a20-db71ea1a52e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-68947", "type": "exploited", "source": "https://t.me/thehackernews/8386", "content": "\u26a0\ufe0f\ud83d\udee0\ufe0f Reynolds ransomware embeds its own BYOVD evasion, bundling a vulnerable driver to disable EDR before encryption.\n\nIt drops the NSecKrnl driver (CVE-2025-68947) to kill security tools, reducing detection and affiliate effort.\n\n\ud83d\udd17 Read full attack chain and defense insights \u2192 https://thehackernews.com/2026/02/reynolds-ransomware-embeds-byovd-driver.html", "creation_timestamp": "2026-02-10T14:44:42.000000Z"}, {"uuid": "475d1e95-e6cf-41e5-9736-0a16a76ea52b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-68948", "type": "published-proof-of-concept", "source": "Telegram/79M2PUWRnDZFfaBX3deh-SQz72WULa4jlHjBh-ox2wjl5as", "content": "", "creation_timestamp": "2026-01-02T21:53:02.000000Z"}, {"uuid": "234cefc5-4663-4982-bfc6-5197952b0e0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-6894", "type": "seen", "source": "https://t.me/ics_cert/1339", "content": "\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0631\u0627\u0628\u0637 \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0646\u0648\u06cc\u0633\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc (API) \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631 \u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc \u0634\u0628\u06a9\u0647 Moxa \u0633\u0631\u06cc\u200c\u0647\u0627\u06cc EDR-G9010\u060c EDR-8010\u060c EDF-G1002-BP\u060c TN-4900\u060c NAT-102\u060c NAT-108\u060c OnCell G4302-LTE4 \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u062d\u0633\u0627\u0628 \u06a9\u0627\u0631\u0628\u0631\u06cc \u06a9\u062f\u06af\u0630\u0627\u0631\u06cc \u0634\u062f\u0647 \u0633\u062e\u062a \u0627\u0633\u062a. \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u06a9\u0646\u200c\u0647\u0627\u06cc JSON Web Tokens (JWT) \u0628\u0647 \u0637\u0648\u0631 \u06a9\u0627\u0645\u0644 \u0628\u0647 \u062f\u0633\u062a\u06af\u0627\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u067e\u06cc\u062f\u0627 \u06a9\u0646\u062f.\n\nCVE-2025-6950\n\n\u0646\u0635\u0628 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0645\u0639\u062a\u0628\u0631. \u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0647 \u0634\u0631\u0627\u06cc\u0637 \u0645\u0648\u062c\u0648\u062f \u0648 \u062a\u062d\u0631\u06cc\u0645\u200c\u0647\u0627\u06cc \u0627\u0639\u0645\u0627\u0644 \u0634\u062f\u0647\u060c \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u0634\u0648\u062f \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627\u06cc \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631\u06cc \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645\u06cc \u0631\u06cc\u0633\u06a9\u200c\u0647\u0627\u06cc \u0645\u0631\u062a\u0628\u0637 \u0646\u0635\u0628 \u0634\u0648\u0646\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644\u200c\u0647\u0627 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0628\u0647 \u062f\u0633\u062a\u06af\u0627\u0647\u061b\n- \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0634\u0628\u06a9\u0647\u200c\u0647\u0627\u06cc \u062e\u0627\u0631\u062c\u06cc (\u0627\u06cc\u0646\u062a\u0631\u0646\u062a)\u061b\n- \u062a\u0642\u0633\u06cc\u0645\u200c\u0628\u0646\u062f\u06cc \u0634\u0628\u06a9\u0647 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u062f\u0633\u062a\u06af\u0627\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 \u0648 \u067e\u06cc\u0634\u06af\u06cc\u0631\u06cc \u0627\u0632 \u0646\u0641\u0648\u0630 \u0628\u0631\u0627\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc (\u06a9\u0634\u0641\u060c \u062b\u0628\u062a) \u0648 \u0648\u0627\u06a9\u0646\u0634 \u0628\u0647 \u062a\u0644\u0627\u0634\u200c\u0647\u0627\u06cc \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0634\u0628\u06a9\u0647\u200c\u0647\u0627\u06cc \u062e\u0635\u0648\u0635\u06cc \u0645\u062c\u0627\u0632\u06cc (VPN) \u0628\u0631\u0627\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u062f\u0647\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631.\n\n\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647\u200c\u0647\u0627\u06cc \u062a\u0648\u0644\u06cc\u062f\u06a9\u0646\u0646\u062f\u0647:\nhttps://www.moxa.com/en/support/product-support/security-advisory/mpsa-258121-cve-2025-6892,-cve-2025-6893,-cve-2025-6894,-cve-2025-6949,-cve-2025-6950-multiple-vulnerabilities-in-netwo\n\ud83d\udca1\u0627\u06af\u0631 \u0627\u06cc\u0646 \u0645\u062a\u0646 \u062f\u06cc\u062f\u06af\u0627\u0647 \u0634\u0645\u0627 \u0631\u0627 \u062a\u063a\u06cc\u06cc\u0631 \u062f\u0627\u062f\u060c \u0628\u0647 \u0627\u0634\u062a\u0631\u0627\u06a9 \u0628\u06af\u0630\u0627\u0631\u06cc\u062f. \n\u0628\u06cc\u0627\u06cc\u06cc\u062f \u0628\u0627 \u0647\u0645 \u0627\u0633\u062a\u0627\u0646\u062f\u0627\u0631\u062f\u0647\u0627 \u0631\u0627 \u0628\u0627\u0644\u0627 \u0628\u0628\u0631\u06cc\u0645.\u00a0 \n\ud83c\udfed\u00a0 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n@pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u062a\u0644\u06af\u0631\u0627\u0645 :\nhttps://t.me/ICSCERT_IR\n\u0627\u06cc\u062a\u0627:\nhttps://eitaa.com/joinchat/1866007784Cfd023f90b2\n\u06af\u0631\u0648\u0647 \u062a\u062e\u0635\u0635\u06cc \u0648\u0627\u062a\u0633 \u0627\u067e:\nhttps://chat.whatsapp.com/BZu1yr1aeHpCDxiIXotzyW?mode=ac_t\n\u0628\u0647 \u0627\u0646\u062c\u0645\u0646 \u062a\u062e\u0635\u0635\u06cc AI.Sec \u0628\u067e\u06cc\u0648\u0646\u062f\u06cc\u062f:\nhttps://chat.whatsapp.com/KRPUA6WM4f6AdS727vRBmM?mode=ems_copy_t", "creation_timestamp": "2025-10-24T07:43:11.000000Z"}]}