☒ ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

☐ TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act. Yes ☐ No ☒

Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the Act. Yes ☐ No ☒

Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes ☒ No ☐

Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T (§ 232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit such files). Yes ☒ No ☐

Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company, or an emerging growth company. See definition of “large accelerated filer,” “accelerated filer,” “smaller reporting company,” and “emerging growth company” in Rule 12b-2 of the Exchange Act.

If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act. ☐

Indicate by check mark whether the registrant has filed a report on and attestation to its management’s assessment of the effectiveness of its internal control over financial reporting under Section 404(b) of the Sarbanes-Oxley Act (15 U.S.C. 7262(b)) by the registered public accounting firm that prepared or issued its audit report. ☐

If securities are registered pursuant to Section 12(b) of the Act, indicate by check mark whether the financial statements of the registrant included in the filing reflect the correction of an error to previously issued financial statements. ☐

Indicate by check mark whether any of those error corrections are restatements that required a recovery analysis of incentive-based compensation received by any of the registrant’s executive officers during the relevant recovery period pursuant to §240.10D-1(b). ☐

Indicate by check mark whether the registrant is a shell company (as defined by Rule 12b-2 of the Exchange Act). Yes ☐ No ☒

The aggregate market value of the voting and non-voting common equity held by non-affiliates of the registrant as of the last business day of the registrant’s most recently completed second fiscal quarter ended June 30, 2024 was $32,432,613 based upon the closing price of the registrant’s common stock of $1.98 on The Nasdaq Capital Market as of that date. Further information concerning shareholdings of our officers, directors and principal stockholders is included or incorporated by reference in Part III, Item 12 of this Annual Report on Form 10-K.

On March 25, 2025, Immix Biopharma, Inc. filed its Annual Report on Form 10-K for the fiscal year ended December 31, 2024 (the “Original Form 10-K”) with the U.S. Securities and Exchange Commission (the “SEC”). The Original Form 10-K failed to include certain required inline XBRL tagging which was inadvertently omitted in the Original Form 10-K, and this Amendment No. 1 to Annual Report on Form 10-K (“Amendment No. 1”) is being filed solely to include such inline XBRL tagging under Item 1C. Cybersecurity.

As such, this Amendment No. 1:

	●	restates Part I, Item 1C (Cybersecurity), of the Original Form 10-K to include the required XBRL tagging; and

	●	files new certifications of our principal executive officer and principal financial officer as exhibits to this Amendment under Item 15 of Part IV hereof, pursuant to Rule 12b-15 under the Securities Exchange Act of 1934, as amended (the “Exchange Act”).

This Amendment No. 1 does not otherwise change or update any of the disclosures set forth in the Original Form 10-K, and, except as expressly stated herein, does not reflect events occurring after the filing of the Original Form 10-K.

Risk Management and Strategy. We employ processes for assessing, identifying, and managing material risks from cybersecurity threats that are incorporated into our overall risk management system. These items are designed to help protect our information assets from internal and external threats and protect the integrity and confidentiality of our data. Our system includes procedural and technical safeguards, response plans, and reviews of our policies. We engage various external entities, including consultants, to improve and enhance our cybersecurity oversight. We provide all employees and consultants with cybersecurity and prevention training including timely and relevant topics covering social engineering, phishing, mobile security, and data protection and the need for reporting incidents and suspicious events immediately. With respect to third parties that assist in our cybersecurity oversight, we obtain reports to assess the security of their systems and processes. We engage in ongoing monitoring of all third-party providers to ensure compliance with our cybersecurity standards.

Although we develop and maintain systems and controls designed to prevent cybersecurity threats from occurring, and we have a process to identify and mitigate threats, the development and maintenance of these systems, controls and processes is costly and requires ongoing monitoring and updating as technologies change and efforts to overcome security measures become increasingly sophisticated. Moreover, despite our efforts, the possibility of these events occurring cannot be eliminated entirely. As we outsource more of our information systems to vendors, engage in more electronic transactions with service providers and patients, and rely more on cloud-based information systems, the related security risks will increase and we will need to expend additional resources to protect our technology and information systems. In addition, there can be no assurance that our internal information technology systems or those of our third-party contractors, or our consultants’ efforts to implement adequate security and control measures, will be sufficient to protect us against breakdowns, service disruption, data deterioration or loss in the event of a system malfunction, or prevent data from being stolen or corrupted in the event of a cyberattack, security breach, industrial espionage attacks or insider threat attacks which could result in financial, legal, business or reputational harm.

As of the date of this report, we are not aware of any risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, that have materially affected or are reasonably likely to materially affect us, including our business strategy, results of operations, or financial condition.

Governance. Our senior management team conducts the regular assessment and management of material risks from cybersecurity threats, including review with our IT team and third-party service providers. All employees and consultants are directed to report to our senior management any irregular or suspicious activity that could indicate a cybersecurity threat or incident. The Audit Committee of our Board of Directors evaluates our cybersecurity assessment and management policies, including quarterly interviews with our senior officers and independent registered accounting firm.

No financial statement or supplemental data are filed with this Amendment No. 1 to Form 10-K. See Index to Financial Statements and Supplemental Data of the Original Form 10-K.

The exhibits required to be filed by Item 15 are set forth in, and filed with or incorporated by reference in, the “Exhibit Index” of the Original Form 10-K. The attached list of exhibits in the “Exhibit Index” sets forth the additional exhibits required to be filed with this Amendment No. 1 and is incorporated herein by reference in response to this item.

Pursuant to the requirements of Section 13 or 15(d) of the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the undersigned, thereunto duly authorized.

11400 West Olympic Blvd., Suite 200, Los Angeles, CA		90064
(Address of principal executive offices)		(Zip code)

Title of each class		Trading Symbol(s)		Name of each exchange on which registered
Common stock, $0.0001 par value		IMMX		The Nasdaq Stock Market LLC

PART I
Item 1C. Cybersecurity	1

PART IV
Item 15. Exhibits and Financial Statement Schedules	2

Exhibit Number		Description

31.3*		Certification of Principal Executive Officer pursuant to Section 302 of the Sarbanes-Oxley Act
31.4*		Certification of Principal Financial Officer pursuant to Section 302 of the Sarbanes-Oxley Act
101.INS		Inline XBRL Instance Document (filed herewith)
101.SCH		Inline XBRL Taxonomy Extension Schema With Embedded Linkbase Documents (filed herewith)
104		Cover Page Interactive Data File (embedded within the Inline XBRL document)

	Immix Biopharma, Inc.

Date: May 19, 2025		/s/ Ilya Rachman
	By:	Ilya Rachman,
		Chief Executive Officer
		(Principal Executive Officer)

Large accelerated filer	☐	Accelerated filer	☐
Non-accelerated filer	☒	Smaller reporting company	☒
		Emerging growth company	☒