Security researcher Haifei Li has discovered what appears to be an actively exploited zero-day vulnerability in Adobe Reader that may have been used in attacks for at least four months. The exploit, detected by Li's sandbox system Expmon, can collect and leak user information from compromised systems and potentially enable remote code execution, with malicious PDFs containing Russian-language lures related to Russia's oil and gas sector. Adobe has been notified and is investigating, though the company has yet to confirm in-the-wild exploitation or release a patch.