Mimo Hackers Exploit CVE-2025-32432 in Craft CMS to Deploy Cryptominer and Proxyware

Mimo Hackers Exploit CVE-2025-32432 in Craft CMS to Deploy Cryptominer and Proxyware

/in

A financially motivated threat actor has been observed exploiting a recently disclosed remote code execution flaw affecting the Craft Content Management System (CMS) to deploy multiple payloads, including a cryptocurrency miner, a loader dubbed Mimo Loader, and residential proxyware.
The vulnerability in question is CVE-2025-32432, a maximum severity flaw in Craft CMS that was patched in

The Hacker News – ​Read More

Chrome 137, Firefox 139 Patch High-Severity VulnerabilitiesHow MSSPs Can Analyze and Investigate Phishing Attacks with ANY.RUN How MSSPs Can Analyze and Investigate Phishing Attacks with ANY.RUN