Google Patches Worrying Chrome Zero-Day Flaw Being Exploited in the Wild - Here's How to Stay Safe

Summary

Google has released a patch for a critical zero‑day vulnerability (CVE‑2025‑13223) in the V8 JavaScript and WebAssembly engine of Chrome, rated 8.8/10 by the NVD. The type‑confusion flaw could allow remote attackers to achieve arbitrary code execution via a crafted HTML page and was reportedly being exploited in the wild, possibly by state‑sponsored groups. The fix is included in Chrome 142.0.7444.175/176 for Windows, macOS, and Linux, and will be applied automatically for users with auto‑update enabled. This is the third V8 type‑confusion bug disclosed this year, underscoring a pattern of high‑impact flaws in the browser’s core engine.