On February 22, 2018, Morphisec Labs spotted several malicious word documents exploiting the latest Flash vulnerability CVE-2018-4878 in the wild in a massive malspam campaign. Adobe released a patch early February, but cyber criminals know that is will take some companies weeks, months or even years to rollout the patch.

Article Link: http://blog.morphisec.com/flash-exploit-cve-2018-4878-spotted-in-the-wild-massive-malspam-campaign