A previously unknown Adobe Reader zero-day vulnerability has been actively exploited by hackers in the wild for months, as revealed by a malicious PDF file discovered by researcher Haifei Li. The PDF, submitted to Expmon on March 26, bypassed detection by most antivirus software, with only 13 out of 64 vendors on VirusTotal flagging it as malicious. The exploit is particularly concerning as it highlights the ability of attackers to leverage undisclosed vulnerabilities to gain an upper hand over defenders. The fact that this zero-day has been in use for an extended period underscores the challenges faced by security teams in keeping pace with emerging threats [1]. This situation matters to security practitioners because it underscores the importance of proactive defense measures, given that patches for zero-day exploits are, by definition, not yet available.
Malicious PDF reveals active Adobe Reader zero-day in the wild
⚠️ Critical Alert
Why This Matters
Zero-day exploitation means the vulnerability is being used before patches exist — defenders are already behind.
References
- SecurityAffairs. (2026, April 9). Malicious PDF reveals active Adobe Reader zero-day in the wild. *SecurityAffairs*. https://securityaffairs.com/190558/hacking/malicious-pdf-reveals-active-adobe-reader-zero-day-in-the-wild.html