Adobe has released security patches for a critical zero-day vulnerability in its PDF software that hackers actively exploited for several months before detection. The security flaw allowed attackers to compromise systems through malicious PDF files.

Security researchers reported that the hacking campaign utilizing this vulnerability began at least as early as November 2024, indicating the exploit remained undetected for an extended period. The exact number of victims affected by the attacks has not been disclosed.

The vulnerability represents part of a broader pattern of cybersecurity incidents affecting major technology and consulting firms. This follows recent security breaches at prominent consulting companies, highlighting ongoing challenges in protecting sensitive corporate data.

Adobe's patch addresses the zero-day exploit, which refers to a previously unknown security flaw that hackers discovered and used before security teams could develop defenses. Such vulnerabilities are particularly dangerous because they provide attackers with a window of opportunity before protective measures can be implemented.

The incident underscores the persistent threat posed by sophisticated hacking groups who target widely-used software applications. PDF files are commonly used across business and personal computing environments, making successful exploits potentially far-reaching in their impact.