Security Vulnerabilities Discovered in Google and Adobe Services

Security researchers discovered exposed Gemini API endpoints on April 9, 2026, allowing unauthorized access to internal Google services due to misconfigured authentication controls. Adobe confirmed an actively exploited zero-day vulnerability (CVE-2026-24871) in Adobe Reader, enabling arbitrary code execution via maliciously crafted PDFs, with attacks observed in the wild since April 5. Quantum computing threat timelines have accelerated, with NIST estimating a 40% reduction in the expected timeframe for breaking RSA-2048 encryption, now projected by 2033. The Gemini exposure affects Google Cloud customers using default IAM policies, while Adobe released an emergency patch for Reader versions 2025 and 2026. No specific threat actors were named in connection with the Adobe zero-day.