Cisco Talos has uncovered active exploitation of a zero-day remote-code-execution vulnerability, identified as CVE-2025-0994, in Cityworks, a widely used asset management system. This critical flaw has been leveraged by a group tracked as UAT-6382, assessed with high confidence to be Chinese-speaking threat actors, to target enterprise networks of local governing bodies in the United States […] The post Cityworks Zero-Day Vulnerability Used by UAT-638 Hackers to Infect IIS Servers with Shell Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/cityworks-zero-day-vulnerability-used-by-uat-638-hackers/
