Adobe has rushed to patch a critical zero-day security vulnerability in its PDF software after discovering hackers have been exploiting it for months. The flaw, which allows attackers to execute malicious code on victims' devices, has been actively used in sophisticated attacks since at least November 2025. This particularly concerning breach involved attackers exploiting the flaw before Adobe even became aware of it, leaving countless users vulnerable.

The extent of the damage remains unclear, as security researchers have not yet determined the exact number of victims affected. While Adobe has not disclosed specific details about the attacks, they strongly recommend all users update their software immediately. This incident highlights the growing sophistication of cybercriminals and underscores the importance of maintaining up-to-date security measures for document handling.