
Beijing may have breached US government systems before Cityworks plugged a critical flaw




A now-patched high-severity security flaw affecting Trimble Cityworks, a specialised software used by local governments in the US, utilities, and public agencies to manage their infrastructure and community services, was abused by Chinese hackers to compromise systems before a patch was available.

According to a Talos intelligence report, the flaw (tracked as CVE-2025-0994) in the Geographic Information System (GIS)-based asset management software was used by hackers in zero-day exploitation to achieve remote code execution and subsequent malware delivery.

“Talos has discovered intrusions in enterprise networks of local governing bodies in the United States (US), beginning January 2025 when initial exploitation first took place,” the cybersecurity outfit said in a blog post, attributing the exploitation to the entity it tracks as ‘UAT-6382’. “Based on tooling and tactics, techniques and procedures (TTPs) employed by the threat actor, Talos assesses with high confidence that the exploitation and subsequent post-compromise activity is carried out by Chinese-speaking threat actors.”