National Cyber Warfare Foundation (NCWF)

Mimo Exploits Craft CMS RCE to Deploy Cryptominer and Proxyware in Coordinated Campaign (Campaign)
0 user ratings		2026-01-16 10:45:55
milo
Attacks
Between February and May 2025, the intrusion set known as Mimo exploited CVE-2025-32432, a critical unauthenticated RCE in Craft CMS, to deploy a multi-stage infection chain observed via honeypots. The attack began by injecting a PHP webshell through a crafted GET request, fol...

Between February and May 2025, the intrusion set known as Mimo exploited CVE-2025-32432, a critical unauthenticated RCE in Craft CMS, to deploy a multi-stage infection chain observed via honeypots. The attack began by injecting a PHP webshell through a crafted GET request, fol...

Source: Wiz
Source Link: https://threats.wiz.io/all-incidents/mimo-exploits-craft-cms-rce-to-deploy-cryptominer-and-proxyware-in-coordinated-campaign

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Attacks


Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.