Emergency security updates have been released by Google for an actively exploited high-severity zero-day in its Chrome browser, reports The Register.Attacks involving the Chrome V8 JavaScript engine type confusion vulnerability, tracked as CVE-2025-13223, could enable system crashes and arbitrary code execution, as well as total system compromise if used alongside other flaws, according to Google, which has already fixed six other zero-days impacting its browser since the beginning of this year.While more details on the exploitation of CVE-2025-13223 have not been provided, Google's Threat Analysis Group has linked zero-day abuse to spyware and nation-state threat operations. Another high-severity type confusion issue in the browser's V8 engine, tracked as CVE-2025-13224, has also been remediated by Google.Such a vulnerability, which was identified by Google's artificial intelligence-based cybersecurity agent Big Sleep, has not yet been exploited in the wild, reported Google.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds