Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign

PUBLOAD and Pubshell Malware Used in Mustang Panda's Tibet-Specific Attack

Business Case for Agentic AI SOC Analysts

Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit

MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted

A financially motivated threat actor has been observed exploiting a recently disclosed remote code execution flaw affecting the Craft Content Management System (CMS) to deploy multiple payloads, including a cryptocurrency miner, a loader dubbed Mimo Loader, and residential proxyware.
The vulnerability in question is CVE-2025-32432, a maximum severity flaw in Craft CMS that was patched in

Headline

Mimo Hackers Exploit CVE-2025-32432 in Craft CMS to Deploy Cryptominer and Proxyware

The Hacker News: Latest News