A new zero-day remote code execution vulnerability in Adobe Flash was being actively exploited in the wild by a group of advanced persistent threat actors, known as BlackOasis. The latest attack is using a new Adobe Flash exploit delivered through Microsoft Office documents. The group has targeted victims in various countries including Russia, Iraq, Afghanistan, Nigeria, Libya, Jordan, Tunisia, Saudi Arabia, Iran, the Netherlands, Bahrain, the United Kingdom and Angola. Kaspersky Lab reported the vulnerability to Adobe, and the company has addressed the vulnerability with the release of Adobe Flash Player.
Source: https://thehackernews.com/2017/10/flash-player-zero-day.html