Google rolls out urgent Chrome security patch for active zero-day

Google rolls out urgent Chrome security patch for active zero-day

Google has released emergency security updates for its Chrome browser to address a critical zero-day vulnerability that is actively being exploited in the wild.

The flaw, tracked as CVE-2025-6554, is described as a type confusion bug in Chrome's V8 JavaScript and WebAssembly engine.

Although Google has not disclosed details about the nature of the attacks or who may be behind them, the company confirmed that “an exploit for CVE-2025-6554 exists in the wild.”

The vulnerability was mitigated with a configuration change that was pushed out to Chrome's Stable channel across all platforms just a day after discovery.

This marks the fourth zero-day vulnerability in Chrome patched by Google in 2025, following CVE-2025-2783, CVE-2025-4664, and CVE-2025-5419.

Back to the list

Latest Posts

Researchers caught embedding hidden AI prompts to sway research reviewers

Researchers caught embedding hidden AI prompts to sway research reviewers

The investigation analyzed English-language preprints published on the research platform arXiv and found concealed AI instructions in 17 papers.
7 July 2025
Brazilian programmer arrested for role in $185 million bank hack

Brazilian programmer arrested for role in $185 million bank hack

João Nazareno Roque, a junior back-end developer at C&M, was allegedly recruited by hackers in a bar in São Paulo.
7 July 2025
APT36 cyber-espionage campaign targeting Indian defense sector via BOSS Linux

APT36 cyber-espionage campaign targeting Indian defense sector via BOSS Linux

More recently, APT36 has shifted its focus to Linux-based environments.
7 July 2025