rule bulwark_https_bulwarkblack_com_hackers_exploit_cve_2025_32975_cvss_10_0_to_hijack_unpatched_ques
{
    meta:
        author = "Bulwark Black LLC"
        source = "https://bulwarkblack.com/hackers-exploit-cve-2025-32975-cvss-10-0-to-hijack-unpatched-quest-kace-sma-systems/"
        description = "Auto-extracted indicators. Verify before use; not a behavioral detection rule."
        generated = "2026-07-15T22:31:40Z"
        tlp = "TLP:CLEAR"
        indicator_count = "1"
    strings:
        $s0 = "216.126.225.156" ascii wide nocase  // IPv4
    condition:
        any of ($s*)
}
