Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
UAT-6382 exploits Cityworks zero-day vulnerability to deliver malware
Malware and Vulnerabilities
May 22, 2025
talosintelligence
A Chinese threat group, UAT-6382, is actively exploiting CVE-2025-0994—a remote code execution vulnerability in Trimble Cityworks—to deploy malware and maintain persistent access in U.S. local government networks.
Read More
CVE-2025-0994
Cityworks
UAT-6382
Web Shells
Cobalt Strike
Publisher
Previous
TAG-110 Targets Tajikistan: New Macro Word Documents Ph ...
Threat Actors
Next
Grafana security release: High severity security fix fo ...
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/image_bank/72d7_shutterstock_1848906862.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/1830_shutterstock_2283568849.jpg)
