Kyle Kucharski/ZDNET
Follow ZDNET: Add us as a preferred source on Google.
ZDNET's key takeaways
A new zero-day vulnerability affects Google Chrome.
The flaw has already been exploited in the wild.
The zero-day could allow attackers to run malicious code.
Another day, another zero-day, at least for Google Chrome. In an advisory released Monday, Google warned of a dangerous new security vulnerability affecting its popular browser. Fortunately, the latest update squashes the bug. Here are the details.
Rated as a high security flaw, the zero day labeled CVE-2025-13223 is described as: "Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
Also: I used this free tool to see what data the internet has on me - and the results were disturbing
In plain English, Chrome's V8 JavaScript engine fails to correctly treat a specific type of data, leading to memory corruption. An attacker could exploit that weakness through a web page designed to run malicious code or otherwise wreak havoc with the browser.
... continue reading