Skip to main content
  1. Home
  2. Computing
  3. Legacy Archives

New zero-day Adobe Flash vulnerability discovered by research firm

Add as a preferred source on Google

According to Internet security research firm FireEye, they have a new security exploit found in Adobe Flash. Last week, we reported that FireEye uncovered an Internet Explorer 10 vulnerability that was used to target a site for an organization that helps assists U.S. military veterans. FireEye is dubbing these attacks “Operation GreedyWonk.”

Visitors of the websites for the Peter G. Peterson Institute for International Economics, the American Research Center in Egypt, as well as the Smith Richardson Foundation “were redirected to an exploit server hosting this Flash zero-day through a hidden iframe,” according to FireEye.

Recommended Videos

Here’s what FireEye had to say about those behind Operation GreedyWonk:

“The group behind this campaign appears to have sufficient resources (such as access to zero-day exploits) and a determination to infect visitors to foreign and public policy websites. The threat actors likely sought to infect users to these sites for follow-on data theft, including information related to defense and public policy matters.”

FireEye recommends that to reduce your risk of falling prey to this threat, you should upgrade your OS from Windows XP, update Java and update Microsoft Office to the latest versions.

FireEye is working closely with Adobe on this matter, which has released a security bulletin of their own. You can check it out here.

What do you think? Sound off in the comments below.

Konrad Krawczyk
Former Computing Editor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
A hacker’s arrest just revealed how Microsoft can track your Windows device
Microsoft knew what websites his Windows PC visited.
Windows 11 on a laptop

A teenager allegedly used a VPN to cover his tracks while hacking a US jewelry retailer, but Microsoft knew anyway.

Court documents unsealed in the US case against Peter Stokes, a 19-year-old dual US-Estonian citizen accused of being a member of the notorious Scattered Spider hacking group, reveal that Microsoft provided the FBI with records tied to a tracking mechanism called the Global Device Identifier, or GDID. 

Read more
The days of cheap Chinese AI models could be number as government mulls restrictions similar to the US
The AI world’s bargain aisle could be closed by China soon.
DeepSeek AI chatbot running on an iPhone.

DeepSeek's R1 helped kickstart global interest in low-cost Chinese AI. This was followed by increasingly capable systems from Alibaba, ByteDance, and Z.ai. Some models can be downloaded, customized, and hosted independently, giving many developers an alternative to paying for access to expensive US platforms.

However, this bargain may soon face a geopolitical lock--and this time, it's because of China and not the US. Reuters reports that Chinese authorities have held meetings with Alibaba, ByteDance, and Z.ai about potentially restricting overseas access to the country’s most advanced AI systems. Discussions apparently included closed models and open-weight releases, along with technology that has yet to reach the public.

Read more
Microsoft pushed Copilot everywhere, but barely anyone bought it, and even fewer use it: Report
Users are barely showing up for Copilot
Microsoft Copilot Banner Featured

Microsoft has spent the past few years making Copilot extraordinarily difficult to avoid. It appeared in Windows 11, and soon found its way to Edge, Word, and almost everywhere else in Microsoft's software suite. New laptops even received a dedicated Copilot key. Microsoft wanted AI to become a daily habit, and it had hundreds of millions of existing customers to leverage.

But the latest adoption figures suggest that the distribution was quite disappointing. Microsoft revealed that Copilot 365 has more than 20 million paid seats. While that does sound impressive at a glance, this number is dwarfed when you compare the company's more than 450 million paid commercial Microsoft 365 seats. So fewer than 4.5% of those customers pay for the full Copilot experience.

Read more