Google rolls out urgent Chrome security patch for active zero-day

Google rolls out urgent Chrome security patch for active zero-day

Google has released emergency security updates for its Chrome browser to address a critical zero-day vulnerability that is actively being exploited in the wild.

The flaw, tracked as CVE-2025-6554, is described as a type confusion bug in Chrome's V8 JavaScript and WebAssembly engine.

Although Google has not disclosed details about the nature of the attacks or who may be behind them, the company confirmed that “an exploit for CVE-2025-6554 exists in the wild.”

The vulnerability was mitigated with a configuration change that was pushed out to Chrome's Stable channel across all platforms just a day after discovery.

This marks the fourth zero-day vulnerability in Chrome patched by Google in 2025, following CVE-2025-2783, CVE-2025-4664, and CVE-2025-5419.

Back to the list

Latest Posts

Chinese hackers exploited Ivanti flaws in attacks against French government

Chinese hackers exploited Ivanti flaws in attacks against French government

ANSSI believes that the Houken campaign is operated by ‘UNC5174’, an entity believed to act as an initial access broker for China’s Ministry of State Security.
2 July 2025
Threat actors exploit Vercel's AI tool v0 to build sophisticated phishing pages

Threat actors exploit Vercel's AI tool v0 to build sophisticated phishing pages

The malicious actors used v0.dev to create fake login pages mimicking legitimate brands.
2 July 2025
Qantas alerts customers to potential data breach after third-party cyberattack

Qantas alerts customers to potential data breach after third-party cyberattack

Attackers accessed and exfiltrated data from the compromised platform.
2 July 2025