Adobe Acrobat Zero-Day Exploited, Immediate Patch Required — Dark Reading

Adobe has released an emergency patch for a zero-day vulnerability (CVE-2026-34621) in Acrobat and Reader, which has been actively exploited for months. Attackers use maliciously crafted PDF files to execute arbitrary code on affected systems. Security teams should prioritize updating to the latest versions to mitigate potential exploitation risks.

FBI and Indonesian Police Dismantle W3LL Phishing Network — The Hacker News

The FBI and Indonesian authorities have successfully dismantled the W3LL phishing network, responsible for $20 million in fraud attempts. The operation led to the arrest of the network's developer. Security teams should review their defenses against phishing attacks, as the group targeted a wide range of industries with sophisticated phishing techniques.

• Stolen Rockstar Games analytics data leaked by extortion gang [BleepingComputer]
• OpenAI rotates macOS certs after Axios attack hit code-signing workflow [BleepingComputer]
• Critical flaw in wolfSSL library enables forged certificate use [BleepingComputer]
• APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials [Dark Reading]
• North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware [The Hacker News]