A now-patched high-severity safety flaw affecting Trimble Cityworks — a specialised software program utilized by native governments within the US, utilities, and public businesses to handle their infrastructure and group companies—was abused by Chinese language hackers to compromise programs earlier than a patch was accessible.
In line with a Talos intelligence report, the flaw (tracked as CVE-2025-0994) within the Geographic Data System (GIS)-based asset administration device was utilized by hackers in zero-day exploitation for reaching distant code execution and subsequent malware supply.
“Talos has discovered intrusions in enterprise networks of native governing our bodies in the US (US), starting January 2025 when preliminary exploitation first befell,” the cybersecurity outfit mentioned in a weblog put up, attributing the exploitation to the entity it tracks as ‘UAT-6382’.“Primarily based on tooling and ways, methods and procedures (TTPs) employed by the menace actor, Talos assesses with excessive confidence that the exploitation and subsequent post-compromise exercise is carried out by Chinese language-speaking menace actors.”
