Adobe patched a critical zero-day in Reader and Acrobat that attackers exploited for months using Russian-language PDF lures. The vulnerability, discovered by researcher Haifei Li, allowed remote code execution and was linked to suspected APT activity targeting the oil and gas sector.
A critical zero-day vulnerability in Adobe Reader is being exploited with malicious PDFs targeting Russian oil and gas sectors. The attack requires no user interaction beyond opening the file, allowing hackers to steal data and potentially launch more severe attacks. No fix is available yet, so users must exercise extreme caution.
A newly discovered zero-day in Adobe Reader has been exploited via malicious PDFs since December 2025. Attackers use social engineering and advanced code to steal data and potentially take over systems.
#Adobe Reader | #zero-day vulnerability | #social engineering
A newly discovered zero-day vulnerability in Adobe Reader has been actively exploited by hackers using weaponized PDFs since December, enabling data theft and potential full system compromise. Users are urged to stay vigilant until Adobe releases a fix.
A sophisticated zero-day vulnerability in Adobe Reader has been exploited since at least November 2025, enabling attackers to harvest user data and potentially gain remote control. The exploit, discovered by researcher Haifei Li, evaded detection for months and uses Russian-language lures. Adobe is investigating as cybersecurity experts work to unravel the full attack chain.
A stealthy zero-day exploit in Adobe Reader is being used to steal sensitive files and execute remote code—all triggered by opening a single malicious PDF. No patch is available yet, and antivirus solutions are failing to detect this advanced threat.