Chinese-speaking hackers known as UAT-6382 have exploited a patched vulnerability in Trimble Cityworks, delivering unique malware to maintain long-term access. The hackers targeted utility management systems of US governing bodies since January 2025. Cisco Talos reported that the vulnerability had been used to deliver a Rust-based loader, launching Cobalt Strike and VShell, both used to maintain persistent access to infected systems.
Rust-Based Luca Stealer Spreads Across Linux and Windows Systems
Threat actors are increasingly abandoning traditional languages like C and C++ in favor of modern alternatives such as Golang, Rust, and Nim. This strategic shift
