Google Releases Emergency Patches for Chrome Zero-Day Vulnerability (CVE-2025-6554)

Red Dog Security

05 Jul 2025 — 1 min read

Google has issued emergency updates for a critical zero-day vulnerability actively exploited in the wild. Tracked as CVE-2025-6554, the flaw affects the Chrome browser and allows attackers to potentially execute arbitrary code on vulnerable systems.

Key Details

Vulnerability Type: Type confusion in Chrome’s V8 JavaScript engine
Discovered By: Clément Lecigne of Google’s Threat Analysis Group (TAG)
Impact: Remote code execution, memory corruption, or browser crashes
Exploitation Status: Actively exploited—Google confirms real-world attacks but has not disclosed technical details

Affected Platforms:

Windows: Versions 138.0.7204.96 and 138.0.7204.97
macOS: Versions 138.0.7204.92 and 138.0.7204.93
Linux: Version 138.0.7204.96

About the Discovery

The vulnerability was discovered by TAG, Google’s elite threat-hunting division known for tracking state-sponsored hackers, advanced persistent threats (APTs), and spyware operators. TAG frequently uncovers zero-days exploited in targeted attacks against journalists, activists, and political figures.

This patch marks the fourth zero-day Chrome vulnerability addressed by Google in 2025, reflecting the browser’s ongoing status as a high-value target for attackers.

Why It Matters

No technical breakdowns or exploit proof-of-concepts have been released yet. In line with its policy, Google is withholding full details until a majority of users have applied the patch. However, the confirmed exploitation in the wild underscores the severity.

Given Chrome’s widespread use across personal, enterprise, and government environments, the window of exposure is significant—especially if patching is delayed.

What You Should Do Now

Users are strongly urged to update their browsers immediately, as patches may take days or weeks to reach all systems, depending on platform and update cadence.

Recommended Actions:

✔ Navigate to chrome://settings/help to check your browser version
✔ Apply any available updates
✔ Restart Chrome to ensure the patch is activated

Organizations using Chrome in managed environments should verify update deployment through endpoint security platforms or group policy enforcement.

We’ll continue to monitor developments and publish updates if technical details or exploit samples are disclosed.

352 Android Apps Infected with IconAds Adware

Security researchers at Human Security have uncovered a massive ad fraud operation dubbed IconAds, involving 352 malicious Android apps previously available on the Google Play Store. At its peak, the campaign generated over 1.2 billion ad requests per day, primarily targeting users in Brazil, Mexico, and the United States.

AI Chatbots Like ChatGPT Are Providing Fake URLs for Major Companies

Cybersecurity analysts at Netcraft have uncovered a troubling trend: AI chatbots frequently generate incorrect or misleading URLs when asked to provide official website links for major brands. According to researchers, this flaw opens a dangerous new vector for phishing and domain hijacking attacks. Key Findings from Netcraft’s Study The

Hackers Leak Allegedly Stolen Telefónica Data

A hacker is threatening to release 106 GB of data allegedly stolen from Spanish telecommunications giant Telefónica, though the company firmly denies any recent breach or data compromise. The threat actor, operating under the alias “Rey,” claims the intrusion occurred on May 30, during which over 12 hours of data

.es Domains Become 19 Times More Popular Among Phishers

Cybersecurity researchers at Cofense report a dramatic rise in phishing campaigns leveraging .es domains, which are officially reserved for Spanish-language websites or entities based in Spain. The use of these domains by cybercriminals has surged 19-fold since the beginning of 2025, making .es the third most exploited top-level domain (TLD)