Threat actors have exploited a critical Remote Code Execution (RCE) vulnerability, identified as CVE-2025-32432, in the Craft Content Management System (CMS). Discovered by Orange Cyberdefense in mid-February 2025 and publicly disclosed on April 25, 2025, this flaw carries a maximum CVSS score of 10 due to its unauthenticated nature. Affecting Craft CMS versions from 3.0.0-RC1 […] The post Hackers Exploit Craft CMS Vulnerability to Inject Cryptocurrency Miner Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/hackers-exploit-craft-cms-vulnerability/
