{“lastseen”:”2025-09-18T07:09:11″,”description”:”\\n\\nGoogle on Wednesday released security updates for the Chrome web browser to address four vulnerabilities, including one that it said has been exploited in the wild.\\n\\nThe zero-day vulnerability in question is **CVE-2025-10585** , which has been described as a type confusion issue in the V8 JavaScript and WebAssembly engine.\\n\\nType confusion vulnerabilities can have severe consequences as they can be weaponized by bad actors to trigger unexpected software behavior, resulting in the execution of arbitrary code and program crashes.\\n\\nGoogle’s Threat Analysis Group (TAG) has been credited with discovering and reporting the flaw on September 16, 2025.\\n\\nAs is typically the case, the company did not share any additional specifics about how the vulnerability is being abused in real-world attacks, by whom, or the scale of such efforts. This is done to prevent other threat actors from exploiting the issue before users can apply a fix.\\n\\n\\n\\n\\”Google is aware that an exploit for CVE-2025-10585 exists in the wild,\\” it acknowledged in a terse advisory.\\n\\nCVE-2025-10585 is the sixth zero-day vulnerability in Chrome that has been either actively exploited or demonstrated as a proof-of-concept (PoC) since the start of the year. This includes: CVE-2025-2783, CVE-2025-4664, CVE-2025-5419, CVE-2025-6554, and CVE-2025-6558.\\n\\nTo safeguard against potential threats, it’s advised to update their Chrome browser to versions 140.0.7339.185\/.186 for Windows and Apple macOS, and 140.0.7339.185 for Linux. To make sure the latest updates are installed, users can navigate to More \\u003e Help \\u003e About Google Chrome and select Relaunch.\\n\\nUsers of other Chromium-based browsers, such as Microsoft Edge, Brave, Opera, and Vivaldi, are also advised to apply the fixes as and when they become available.\\n\\nFound this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.\\n”,”published”:”2025-09-18T05:49:00″,”modified”:”2025-09-18T05:49:03″,”type”:”thn”,”title”:”Google Patches Chrome Zero-Day CVE-2025-10585 as Active V8 Exploit Threatens Millions”,”source”:””,”references”:””,”id”:”THN:557A2CB68F0BB446C69396AC96490EFD”,”bulletinFamily”:”info”,”cwe”:null,”cvelist”:[“CVE-2025-10585″,”CVE-2025-2783″,”CVE-2025-4664″,”CVE-2025-5419″,”CVE-2025-6554″,”CVE-2025-6558″],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:8.8,”severity”:”HIGH”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/thehackernews.com\/2025\/09\/google-patches-chrome-zero-day-cve-2025.html”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-09-18T07:09:11″,”description”:”\\n\\nGoogle on Wednesday released security updates for the Chrome web browser to address four vulnerabilities, including one that it said has been exploited in the…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,41,12,15,13,7,11,43,5],"class_list":["post-17947","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-cvss-88","tag-exploit","tag-high","tag-news","tag-security","tag-tapic","tag-thn","tag-vulnerability"],"yoast_head":"\n