Mimosa A.I CyberSecurity Scoring
Mimosa
Company Information
Website:http://mimosa.co
Employees number:265
Number of followers:11,381
NAICS:513
Industry Type:Technology, Information and Internet
Homepage:mimosa.co
Mimosa Risk Score (AI oriented)
Between 700 and 749
MimosaTechnology, Information and Internet
Updated:
11/06/2026
11/06/2026
748/1000
Moderate
Ba
Mimosa Global Score (TPRM)
xxxx
MimosaTechnology, Information and Internet
Score locked

MimosaModerate
Current Score
748Ba (MODERATE)
01000
1 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
748
JUNE 2026
768
MAY 2026
768
APRIL 2026
768
MARCH 2026
768
FEBRUARY 2026
768
JANUARY 2026
768
DECEMBER 2025
768
NOVEMBER 2025
768
OCTOBER 2025
768
SEPTEMBER 2025
768
AUGUST 2025
768
JANUARY 2024
768
Cyber Attack
01 Jan 2024 • Mimosa
Linksys, Hikvision, Cisco, Ubiquiti, Draytek, Fortinet, Araknis and Mimosa Networks: China-Linked JDY Botnet Uses 1,500+ SOHO and IoT Devices for Rapid Vulnerability Exploitation
China-Linked JDY Botnet Expands, Targeting U.S. Critical Infrastructure
737
CRITICAL-31
DOMCISLINDRAFORMIMHIKUBI1781173672
China-Linked JDY Botnet Expands, Targeting U.S. Critical Infrastructure
A resurgent botnet tied to China-backed threat actors has grown into one of the most sophisticated reconnaissance tools in operation. Dubbed JDY, the network now controls over 1,500 compromised small office/home office (SOHO) routers and IoT devices across the U.S., Europe, and Asia, doubling in size since January 2024.
Originally part of the KV-botnet operation linked to Volt Typhoon JDY was first detected in late 2023 as a covert scanning network used to gather intelligence on U.S. critical infrastructure. After U.S. authorities dismantled its companion KV cluster, JDY quietly rebuilt, expanding its reach and capabilities.
Researchers at Lumen’s Black Lotus Labs found that the botnet now targets devices from manufacturers including Cisco, Ubiquiti, Hikvision, Draytek, Linksys, Araknis, and Mimosa Networks. Its operators act with remarkable speed shifting scans to exploit newly disclosed vulnerabilities within hours of public disclosure. A recent example involved CVE-2026-35616, a Fortinet flaw, which JDY began probing almost immediately.
The botnet’s primary focus is U.S.-based networks, particularly those tied to military entities. By leveraging ordinary home and small business routers, JDY blends malicious traffic with legitimate activity, evading detection. Infected devices receive scanning tasks via Tor-hidden command-and-control (C2) servers, making attribution difficult. Scans span TCP, UDP, SSL, and ICMP protocols, with results compressed, encrypted, and sent back to a central server.
JDY’s malware, designed for MIPS and MIPSEL architectures, uses a lightweight bash dropper to infect devices, download payloads, and erase traces. Some devices are managed via Platypus, an open-source remote shell tool, with a known payload server at 149.248.3[.]38 (port 13339). The botnet’s distributed nature spreading scans across thousands of IPs helps it bypass traditional defenses like blocklists and geofencing.
Despite disruption efforts, JDY has proven resilient, adapting and expanding even after partial takedowns. Its rapid response to new vulnerabilities underscores the persistent threat posed by China-linked cyber espionage operations.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for Mimosa ??
What was Mimosa's A.I Rankiteo Cyber Score in June 2026 ??
What was Mimosa's A.I Rankiteo Cyber Score in May 2026 ??
What was Mimosa's A.I Rankiteo Cyber Score in April 2026 ??
What was Mimosa's A.I Rankiteo Cyber Score in March 2026 ??
What was Mimosa's A.I Rankiteo Cyber Score in February 2026 ??
What was Mimosa's A.I Rankiteo Cyber Score in January 2026 ??
What was Mimosa's A.I Rankiteo Cyber Score in December 2025 ??
What was Mimosa's A.I Rankiteo Cyber Score in November 2025 ??
What was Mimosa's A.I Rankiteo Cyber Score in October 2025 ??
What was Mimosa's A.I Rankiteo Cyber Score in September 2025 ??
What was Mimosa's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on Mimosa's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with Mimosa ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view Mimosa's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?