Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks

A Chinese-speaking threat actor tracked as UAT-6382 has been linked to the exploitation of a now-patched remote-code-execution vulnerability in Trimble Cityworks to deliver Cobalt Strike and VShell.
“UAT-6382 successfully exploited CVE-2025-0944, conducted reconnaissance, and rapidly deployed a variety of web shells and custom-made malware to maintain long-term access,” Cisco Talos researchers

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise

Next Post

U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation

Related Posts
Total
0
Share