The Russia-linked cyber espionage group known as APT28 has been using a recently patched Adobe Flash Player vulnerability in attacks aimed at government organizations and aerospace companies, security firm Proofpoint reported on Thursday.

The Flash Player flaw in question, CVE-2017-11292, was patched by Adobe on October 16. At the time when the patch was released, the vulnerability had a zero-day status, as it had been exploited in targeted attacks by a Middle Eastern threat actor named BlackOasis to deliver FinFisher spyware.