Zack Whittaker, TechCrunch:

Adobe has patched a vulnerability in its flagship document-reading apps, Acrobat DC, Reader DC and Acrobat 2024, that hackers have been actively exploiting for at least four months.

The vulnerability, officially tracked as CVE-2026–34621, allows hackers to remotely plant malware on a person’s device by tricking them into opening a maliciously crafted PDF file on their Windows device or macOS computer. The exploit targets a vulnerability in some versions of the Adobe Reader software.

It is not yet known how many people have been affected by this hacking campaign. In a note on its website, Adobe said it was aware that the bug is being exploited in the wild, known as a zero-day, indicating that hackers have been using it to break into people’s computers before Adobe could fix it.

I can’t recall the last time I used Adobe’s PDF reader apps, as I open 99% of PDFs using Apple Preview, Files or QuickLook, and most of the rest in Safari.