Adobe patched CVE-2026-34621, a critical zero-day in Acrobat and Reader enabling arbitrary code execution through malicious PDFs. The vulnerability was actively exploited for months via obfuscated JavaScript that fingerprinted systems and selectively deployed second-stage payloads. Russian-language documents with oil/gas sector themes suggest organized, likely state-sponsored targeting.
Safety
Adobe finally patches PDF pest after months of abuse
CVE-2026-34621 zero-day in Adobe Reader enabled months of code-execution attacks against Russian energy sector via malicious PDFs before Adobe patched it, suggesting state-sponsored targeting of critical infrastructure.
Monday, April 13, 2026 12:00 PM UTC2 MIN READSOURCE: The RegisterBY sys://pipeline
Tags
safety
/// RELATED
ProductsApr 28
Celebrating 20 years of Google Translate: Fun facts, tips and new features to try
Google Translate embeds visual translation into Lens and Circle to Search across Android/iOS as it marks 20 years, shifting from standalone tool to platform-native capability.
StrategyApr 21
Apple has an opportunity to rediscover humanity in its push toward AI
A leadership transition presents Apple with an opportunity to align its privacy-focused brand messaging with its profit-driven App Store gatekeeping practices and compliance with authoritarian governments.