Adobe Reader zero-day flaw under active exploitation

Malicious PDF documents have been hiding a nasty secret: a zero-day vulnerability in Adobe Reader that's been exploited by attackers since at least December, allowing them to spread malware and wreak havoc. This stealthy threat highlights the urgent need for better detection and response to these types of attacks.

https://osintsights.com/adobe-reader-zero-day-flaw-under-active-exploitation?utm_source=mastodon&utm_medium=social

#ZeroDay #AdobeReader #EmergingThreats #VulnerabilityExploitation #MaliciousDocuments

A study by #Anthropic, the UK AI Security Institute, and the Alan Turing Institute found that as few as 250 #maliciousdocuments can #backdoor large language models (#LLMs), regardless of size. This challenges the assumption that attackers need a percentage of #trainingdata, suggesting a fixed number of #poisoneddocuments is sufficient. https://www.anthropic.com/research/small-samples-poison?eicker.news #tech #media #news

A small number of samples can poison LLMs of any size

Anthropic research on data-poisoning attacks in large language models

I wrote a small Python library to extract metadata and embedded files in #OneNote documents (.one). The OneNote file format is not really documented but it seems to work on the files I tested.

It is published on the @volexity GitHub repository: https://github.com/volexity/threat-intel/tree/main/tools/one-extract
It can be used #standalone or included easily in any #pipeline.
#CTI #threathunting #maldoc #maliciousdocuments

threat-intel/tools/one-extract at main · volexity/threat-intel (GitHub)

Signatures and IoCs from public Volexity blog posts.

PoetRAT Resurfaces in Attacks in Azerbaijan Amid Escalating Conflict

Spear-phishing attacks targeting VIPs and others show key malware changes and are likely linked to the current conflict with Armenia.

Threatpost - English - Global - threatpost.com

PoetRAT: Malware targeting public and private sector in Azerbaijan evolves - By Warren Mercer, Paul Rascagneres and Vitor Ventura.

The Azerbaijan public sector and other import... http://feedproxy.google.com/~r/feedburner/Talos/~3/HJ1mqTAdQDQ/poetrat-update.html #maliciousdocuments #azerbajian #poetrat #python #lua

A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group

Beers with Talos Ep. #64: Your problem isn’t complex, it's simply complexity - By Mitch Neff. Beers with Talos (BWT) Podcast episode No. 64 is now available. Download this episode a... more: http://feedproxy.google.com/~r/feedburner/Talos/~3/sSSSGyepaXY/beers-with-talos-ep-64-your-problem.html #beerswithtalospodcast #maliciousdocuments #beerswithtalos #pdfreader #podcast #bwt