Adobe has patched a vulnerability in its flagship document-reading apps, Acrobat DC, Reader DC and Acrobat 2024, that hackers have been actively exploiting for at the least 4 months.
The vulnerability, formally tracked as CVE-2026-34621, permits hackers to remotely plant malware on an individual’s gadget by tricking them into opening a maliciously crafted PDF file on their Home windows gadget or macOS laptop. The exploit targets a vulnerability in some variations of the Adobe Reader software program.
It isn’t but identified how many individuals have been affected by this hacking marketing campaign. In a word on its web site, Adobe mentioned it was conscious that the bug is being exploited within the wild, referred to as a zero-day, indicating that hackers have been utilizing it to interrupt into folks’s computer systems earlier than Adobe might repair it.
Whereas it’s not clear who’s behind the hacking marketing campaign, the ubiquity of Adobe’s PDF-reading software program makes it a consistent target for cyber criminals and government-backed hackers, who’ve lengthy abused weaknesses within the software program to steal information from folks’s computer systems.
Safety researcher Haifei Li, who runs the exploit-detection system EXPMON, found the vulnerability after somebody uploaded a copy of a malicious PDF containing the exploit to his malware scanner. In a blog post, Li wrote that one other copy of the malware-ridden PDF first appeared on VirusTotal, one other on-line malware scanner, in late November 2025.
It’s not clear who the hacking marketing campaign was focusing on or for what purpose, and Li mentioned it was not attainable to acquire any further exploits from the hacker’s servers. However in accordance with Li’s evaluation, opening a malicious PDF and triggering the exploit “might result in full management of the sufferer’s system” and provides the hacker the power to steal a variety of knowledge.
Adobe mentioned Acrobat DC, Reader DC, and Acrobat 2024 are affected, and urged customers to replace their software program to the most recent variations.
