{"vulnerability": "CVE-2025-68947", "sightings": [{"uuid": "fde6710c-a580-4bbc-a2c7-456ea2e0c19d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-68947", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3me7siiyeik2c", "content": "", "creation_timestamp": "2026-02-06T21:02:58.534465Z"}, {"uuid": "fcb53f3f-1c53-43d7-ae92-be2ac063426b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-68947", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mcdj3hxcph2g", "content": "", "creation_timestamp": "2026-01-13T21:34:50.294907Z"}, {"uuid": "382245be-131b-48ab-95b3-6d93052b5a4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-68947", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mcg2r5k6yw2g", "content": "", "creation_timestamp": "2026-01-14T21:56:31.530444Z"}, {"uuid": "fd723d25-2f6c-4aeb-9a20-db71ea1a52e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-68947", "type": "exploited", "source": "https://t.me/thehackernews/8386", "content": "\u26a0\ufe0f\ud83d\udee0\ufe0f Reynolds ransomware embeds its own BYOVD evasion, bundling a vulnerable driver to disable EDR before encryption.\n\nIt drops the NSecKrnl driver (CVE-2025-68947) to kill security tools, reducing detection and affiliate effort.\n\n\ud83d\udd17 Read full attack chain and defense insights \u2192 https://thehackernews.com/2026/02/reynolds-ransomware-embeds-byovd-driver.html", "creation_timestamp": "2026-02-10T14:44:42.000000Z"}, {"uuid": "3afef5d4-dc15-4641-b590-da185e46edd1", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-68947", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/d4ee705f-2642-4632-923f-a6446310d558", "content": "", "creation_timestamp": "2026-06-19T12:45:40.943095Z"}]}