[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"focus:hackers-exploiting-acrobat-reader-zero-day-flaw-since-december-mnszffup":3},{"item":4},{"id":5,"title":6,"slug":7,"summary":8,"severity":9,"category":10,"cve_ids":11,"affected_products":12,"action_required":16,"article_ids":17,"ioc_summary":19,"source_urls":20,"status":22,"expires_at":23,"created_at":24,"updated_at":25,"articles":26},"2ef57fe5-ee6b-4cb7-b587-4c052323304b","Hackers exploiting Acrobat Reader zero-day flaw since December","hackers-exploiting-acrobat-reader-zero-day-flaw-since-december-mnszffup","Attackers are actively exploiting an unpatched zero-day in Adobe Reader since December via malicious PDFs that execute on open with no user interaction required. The exploit leverages Acrobat APIs for data exfiltration and potential RCE, affecting any user who opens untrusted PDF documents. All Adobe Reader versions are currently vulnerable.","critical","advisory",[],[13,14,15],"Adobe Reader","Adobe","EXPMON","Immediately block or restrict PDF execution from external email and web sources. Hunt for suspicious Adobe Reader process spawning, file access to sensitive local directories, and network connections from Reader processes. Isolate any systems showing these indicators.",[18],"30060d0f-9d7a-4418-8e28-571151c93127",null,[21],"https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fhackers-exploiting-acrobat-reader-zero-day-flaw-since-december\u002F","archived","2026-04-12T14:09:20.785+00:00","2026-04-10T14:09:23.841359+00:00","2026-04-12T15:07:38.215069+00:00",[27],{"id":18,"title":6,"url":21}]