Flash zero-day exploit
Adobe is aware of a report that an exploit for CVE-2018-5002 exists in the wild, and is being used in limited, targeted attacks against Windows users. These attacks leverage Office documents with embedded malicious FlashPlayercontent distributed via email. Unlike the critical vulnerabilities patched in Adobe’sMarch, Apriland May updates, CVE-2018-5002 isn’t a remotely exploitable flaw that cybercriminals might decide to exploit in future, it’s one that we only know about because they’re exploiting it now, a so-called zero-day.
Source: sophos.com