Google Releases Emergency Fix For Chrome Zero-Day Flaw – Users Should Update Now

A new Chrome update patches CVE-2025-6554, a serious flaw in the V8 engine. The bug is under active attack.

Google has issued an emergency update for its Chrome browser to patch a serious security vulnerability that hackers are already exploiting in real-world attacks.

The flaw, identified as CVE-2025-6554, is a “type confusion” issue in Chrome’s V8 JavaScript engine, which powers the way the browser processes web content, and it has been rated as “high” severity. The bug was discovered on June 25, 2025 and reported by Clément Lecigne from Google’s Threat Analysis Group (TAG).

“Google is aware that an exploit for CVE-2025-6554 exists in the wild,” the company wrote in a security advisory. This vulnerability could allow attackers to manipulate Chrome’s memory by enticing users to visit malicious websites. According to the National Vulnerability Database, this means a remote attacker could “perform arbitrary read/write via a ...