A highly sophisticated, unpatched zero-day exploit is actively targeting users of Adobe Reader. Detected by the EXPMON threat-hunting system, this malicious PDF file is designed to steal sensitive local data and perform advanced system fingerprinting.
  • CyberSeeker@discuss.tchncs.deEnglish
    3·
    2 days ago

    According to researcher justhaifei1, the vulnerability was responsibly disclosed to Adobe Security

    No, this is not responsible disclosure; the guy notified Adobe at the same time as publication. He claims to justify by saying he is seeing this in the wild, but “responsible” does not mean what he says that means.

  • earthworm@sh.itjust.worksEnglish
    13·
    2 days ago

    A highly sophisticated, unpatched zero-day exploit is actively targeting users of Adobe Reader. Detected by the EXPMON threat-hunting system, this malicious PDF file is designed to steal sensitive local data and perform advanced system fingerprinting.

    The exploit functions flawlessly on the latest version of Adobe Reader. It requires no user interaction beyond simply opening the malicious document.

    The attack begins when a victim opens a specially crafted PDF, initially submitted to malware analysis platforms under the file name “yummy_adobe_exploit_uwu.pdf”.