Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025

Asset Info

NID

bafybeid...gmcexqlu

CreatorN/A

Registration TimeLoading...

RegistrarThe Hacker News

Capture TimeLoading...

GeolocationN/A

File TypeJPEG

Source TypedigitalUpload

Details

Abstract

Threat actors have been exploiting a previously unknown zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December 2025. The finding, detailed by EXPMON's Haifei Li, has been described as a highly-sophisticated PDF exploit. The artifact ("Invoice540.pdf") first appeared on the VirusTotal platform on November 28, 2025. A second

LicenseN/A

Used Bythehackernews.com...

Mining PreferenceN/A

Integrity Proof

bafkreia...ccgs4eqy