Adobe Reader users beware: Experts report months-old security breach using booby-trapped PDFs to identify victims.

Experts discover that Adobe Reader is the victim of a dangerous zero-day exploit
Malicious PDFs Enable Data Theft and Possible Complete Takeover
Fix pending, users advised to avoid untrusted files

Adobe Reader users have been warned to be careful with unsolicited documents arriving via email and social media, as the popular PDF reader is vulnerable to a zero-day flaw that allows hackers to steal sensitive files and, in some scenarios, even take control of your device entirely.

Security researcher Haifei Li discovered a “highly sophisticated fingerprint-style PDF exploit” operating in the wild since December 2025, with attacks still ongoing.

“This fingerprinting exploit has been confirmed to exploit a zero-day/unpatched vulnerability that works on the latest version of Adobe Reader without requiring any user interaction beyond opening a PDF file,” Li said. “More worryingly, this exploit allows the threat actor to not only collect/steal local information, but also potentially launch subsequent RCE/SBX attacks, which could lead to full control of the victim’s system.”

Article continues below

Target the Russians

A separate report from an analyst under the pseudonym Gi7w0rm states that the PDF lure used in these attacks refers to current events in the Russian oil and gas industry and was written in Russian, suggesting who the targets might be.

Adobe has not yet released a patch to resolve this issue, and in the meantime, all Adobe Reader users are advised not to open PDF documents from untrusted contacts.

BeepComputer notes that network defenders can also mitigate attacks exploiting this vulnerability by monitoring and blocking HTTP/HTTPS traffic with the “Adobe Synchronizer” string in the User-Agent header.

“This zero-day/unpatched capability of large-scale information collection and the potential for further exploitation of RCE/SBX are sufficient to keep the security community on high alert. Therefore, we have chosen to publish these results immediately so that users can remain vigilant,” the researcher concluded.

Sign up for the TechRadar Pro newsletter to get all the top news, opinions, features and tips your business needs to succeed!

The best antivirus for every budget

Our top picks, based on real-world testing and comparisons

Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!

And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.

Must Read

Leave a Comment Cancel Reply