Yesterday Adobe patched multiple vulnerabilities in Adobe Photoshop and Adobe Acrobat, releasing two security bulletins. Information about zero-day vulnerability however appeared today only.
The vulnerability in question is a double free error CVE-2018-4990. The vulnerability exploitation was detected by ESET in March 2018.
The Adobe Acrobat bug was used along with another zero-day: privilege escalation vulnerability in Microsoft Windows CVE-2018-8120. Victims of this APT campaign are not yet disclosed.
I would advise to patch you systems ASAP, buy popcorn and wait for a fancy target to be named =) As that was a very expensive attack =)
Useful links
Our trackers:
https://www.zero-day.cz/database/498/
https://www.zero-day.cz/database/496/
ESET research https://www.welivesecurity.com/2018/05/15/tale-two-zero-days/