Google has patched another urgent security flaw in Chrome - so update now or be at risk
techradar.com
- Google's TAG team finds high-severity bug in Chrome V8
- The bug allows threat actors to run arbitrary code on endpoints
- It is being actively exploited, so users should patch now
Google has fixed a high-severity Chrome vulnerability which was allegedly being exploited in the wild, possibly by nation-state threat actors.
In a new security bulletin, Google said it addressed a type confusion issue in Chrome V8, tracked as CVE-2025-6554, which allowed threat actors to perform arbitrary read/write operations, potentially giving way to sensitive data theft, token exfiltration, or even malware and ransomware deployment.
The V8 engine is Google’s open source high-performance JavaScript and WebAssembly engine used in Chrome and other Chromium-based browsers to execute web code efficiently. The bug caused V8 to incorrectly interpret data, leading to unintended behavior. In theory, a threat actor could serve a specially crafted HTML page to ...
Copyright of this story solely belongs to techradar.com . To see the full text click HERE