[[ERRATUM - 2015-01-22]]
I couldn't write about it earlier but this is not CVE-2014-9162/9163.
It's CVE-2015-0310 which was an unpatched bug in Flash Player but as coder were not aware it seems (not fired to Flash > 188.8.131.52) this post was leaved untouched.
The CVE has been fixed the 2015-01-22 with Flash 184.108.40.2067
CVE-2014-9162 and CVE-2014-9163 were patched on 2014-12-09. They are affecting Flash Player 220.127.116.11 and below.
Angler EK :
2015-01-15 <- It seems.
Angler EK was really rare those days (since december). I saw many delivery path migrating to Nuclear, Neutrino or Sweet Orange. The Flash exploit did not rotate between 2014-12-24 and yesterday (when it's usually rotating every 3-4 days). It seems they are now back from vacation with a new exploit which have been identified as a combination of CVE-2014-9162 and CVE-2014-9163 by [REDACTED - mistake happen]
CVE-2014-9162/CVE-2014-9163 successfully exploited by Angler EK on Flash 18.104.22.168
Landing after first pass of debofuscation : http://pastebin.com/KPasYHkY
(nothing specific to that CVE here)
Another one spotted by EKWatcher yesterday : eba97461a4ebda24c5183f66b810ea7e
And a fiddler pushed to VT.
That's all for now !
Post publication Reading :
Understanding CVE-2015-0310 Flash vulnerability 2015-02-20 HiddenCodes
CVE-2015-0310 CVE-2014-9162 Angler EK