According to Russian cybersecurity firm Kaspersky Labs, an Adobe Flash bug was exploited by a group called BlackOasis, which used it to install malware on computers. The malware installed is a commercial product called FinSpy or FinFisher, sold to governments and law enforcement agencies for surveillance. Kaspersky has also released a security update for Windows, Macintosh, and Chrome OS.