Local government organizations in the United States were targeted by Chinese hackers through a zero-day vulnerability in Trimble Cityworks, as reported by Cisco Talos.
Hackers exploited CVE-2025-0994, a high-severity deserialization bug, to gain access and deploy malware loaders like Cobalt Strike beacons and VSHell malware.
Cisco discovered intrusions by a threat actor named UAT-6382 in U.S. local government networks, primarily focusing on utilities management systems.
Trimble has since patched the vulnerability, but the U.S. Cybersecurity and Infrastructure Agency recommends prompt application of patches to prevent future attacks.