A zero-day exploit targeting Adobe Flash Players has been reported by the South Korean Computer Emergency Response Team and confirmed by Adobe. The vulnerability is exploiting the vulnerability CVE-2018-4878, a critical remote code execution bug. Targeted are South Koreans researching online for information about North Korea. A security researcher claims the vulnerability originated in North Korea and has been in use since mid-November 2017. The security bulletin warns that the attacks are focused on South Koreans and involve malicious Microsoft Word documents.
Source: https://threatpost.com/adobe-flash-player-zero-day-spotted-in-the-wild/129742/