Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Adobe has patched a vulnerability in its main document reading applications, Acrobat DC, Reader DC, and Acrobat 2024, that hackers have been actively exploiting for at least four months.
The vulnerability has been officially tracked as CVE-2026-34621allows hackers to remotely plant malware on a person’s device by tricking them into opening a maliciously created PDF file on a Windows device or macOS computer. The exploit targets a vulnerability in some versions of Adobe Reader.
It is not yet known how many people were affected by this hacking campaign. In a note on its website, Adobe said it was aware that the vulnerability was being exploited in the wild, known as a Zero dayWhich suggests that hackers were using it to break into people’s computers before Adobe could fix it.
Although it is not clear who is behind the hacking campaign, the popularity of Adobe’s PDF reader makes it clear Fixed target To cybercriminals and government-backed hackers, who have long abused software vulnerabilities to steal data from people’s computers.
Security researcher Haifei Li, who runs the exploit detection system EXPMON, discovered the vulnerability after someone… A copy has been uploaded From a malicious PDF file that contains a vulnerability in its malware scanner. in Blog postAnother version of the malware-filled PDF first appeared on VirusTotal, another online malware scanner, in late November 2025, Lee wrote.
It’s not clear who the hacking campaign was targeting or for what reason, and Lee said it was not possible to obtain any additional exploits from the hackers’ servers. But according to Lee’s analysis, opening a malicious PDF file and triggering the vulnerability “could result in complete control of the victim’s system” and give the hacker the ability to steal a wide range of data.
Adobe said Acrobat DC, Reader DC, and Acrobat 2024 were affected, and urged users to update their programs to the latest versions.