Adobe Reader Zero-Day Exploit Uses Fake PDF Files To Steal User Data

Cybercriminals are actively exploiting an unpatched security vulnerability in Adobe Reader through sophisticated phishing campaigns that use malicious PDF attachments to gain unauthorized access to user systems.

Key Points

  • Attackers use social engineering to distribute malicious PDFs disguised as invoices or corporate reports via email.
  • The exploit leverages hidden JavaScript code to bypass system security and exfiltrate sensitive data to remote servers.
  • Researcher Haifei Li of EXPMON first identified the malicious files on VirusTotal in late November.
  • The campaign currently shows a geographic focus on Russian-language communications, though the vulnerability impacts global users.
  • Adobe has not yet released an official security patch to address the flaw, leaving all software versions at risk.
  • Experts recommend avoiding suspicious attachments and potentially uninstalling Adobe Reader until a permanent fix is issued.

Why it Matters

This vulnerability poses a significant risk to global users because it allows attackers to compromise systems while no security patch is available. The targeted nature of the campaign suggests that attackers are carefully selecting victims, potentially leading to more severe data breaches or long-term system infiltration.

Ubergizmo. Published by Paulo Montenegro