June 15, 2016
Attackers are exploiting a critical vulnerability in Adobe’s widely used Flash Player, and Adobe says it won’t have a patch ready until later this week.
The active zero-day exploit works against the most recent Flash version 220.127.116.11 and was detected earlier this month by researchers from antivirus provider Kaspersky Lab, according to a blog post published Tuesday by Costin Raiu, the director of the company’s global research and analysis team. It’s being carried out by “ScarCruft,” the name Kaspersky has given to a relatively new hacking group engaged in “advanced persistent threat” campaigns that target companies and organizations for high-value information and data. Raiu wrote: