A now-patched high-severity security flaw affecting Trimble Cityworks — a specialized software used by local governments in the US, utilities, and public agencies to manage their infrastructure and community services — was abused by Chinese hackers to compromise systems before a patch was available.
According to a Talos intelligence report, the flaw (tracked as CVE-2025-0994) in the Geographic Information System (GIS)-based asset management tool was used by hackers in zero-day exploitation to achieve remote code execution and subsequent malware delivery.
“Talos has found intrusions in enterprise networks of local governing bodies in the United States (U.S.), beginning January 2025 when initial exploitation first took place,” the cybersecurity outfit said in a blog post, attributing the exploitation to the entity it tracks as ‘UAT-6382’. “Based on tooling and tactics, techniques and procedures (TTPs) employed by the threat actor, Talos assesses with high confidence that the exploitation and subsequent post-compromise activity is carried out by Chinese-speaking threat actors.”