Researchers: a zero-day vulnerability in Adobe Reader has been actively exploited since at least December 2025, and some docs contain Russian-language lures