A zero-day vulnerability in Adobe Reader is being actively exploited in targeted attacks against the Russian oil and gas sector. Threat actors are utilizing malicious PDF files embedded with obfuscated JavaScript to execute privileged APIs, enabling sensitive data theft and potential remote code execution.