A financially motivated threat actor has been observed exploiting a recently disclosed remote code execution flaw affecting the Craft Content Management System (CMS) to deploy multiple payloads, including a cryptocurrency miner, a loader dubbed Mimo Loader, and residential proxyware.The vulnerability in question is CVE-2025-32432, a maximum severity flaw in Craft CMS that was patched in
First seen on thehackernews.com
Jump to article: thehackernews.com/2025/05/mimo-hackers-exploit-cve-2025-32432-in.html
