On April 7, 2026, a security researcher described an Adobe Reader zero-day vulnerability that has been exploited since at least December 2025. The vulnerability allows threat actors to execute privileged Acrobat APIs via specially crafted malicious PDF files that execute obfuscated JavaScript when opened. Exploitation allows attackers to steal sensitive user and system data and to potentially launch additional attacks and remotely execute code. Recommendations: Reduce the risk by automatically scanning PDF email attachments, blocking suspicious files, training users to be wary of unsolicited attachments, and advising users to temporarily avoid using Adobe Reader to open PDFs. Reference: https://www.sophos.com/en-us/blog/adobe-reader-zero-day-vulnerability-in-active-exploitation