Google has released an urgent security update for its Chrome browser to address a critical vulnerability actively exploited in the wild. The flaw, identified as CVE-2025-6554, is a "type confusion" issue within the Chrome V8 JavaScript engine that handles web content processing. Rated "high" severity, the vulnerability was reported on June 25, 2025 by researcher Clément Lecigne to Google's Threat Analysis Group (TAG).

"Google is aware of CVE-2025-6554 being exploited in the wild," stated the company in its security advisory. This flaw could potentially allow attackers to manipulate Chrome's memory by coercing users to visit malicious websites. According to the National Vulnerability Database, this means remote attackers could execute arbitrary read/write operations using carefully crafted HTML pages.

Security experts have raised concerns that such vulnerabilities are frequently leveraged to deploy spyware or execute malicious code covertly, especially in targeted intrusion campaigns. Given TAG's role in discovering this flaw, cybersecurity professionals are speculating it might be part of sophisticated attacks potentially orchestrated by state-sponsored hackers.

Google strongly recommends all Chrome users apply the updates immediately. The patched versions include Windows 138.0.7204.96/.97, macOS 138.0.7204.92/.93, and Linux 138.0.7204.96. Users can check their browser version by clicking the three-dot menu in the top-right corner, navigating to Settings > About Chrome. Available updates will be automatically downloaded, with patches applied after browser restart. All users of Chromium-based browsers like Edge, Brave and Opera should also prioritize updating when patches become available.

This incident marks the fourth actively exploited zero-day vulnerability fixed in Chrome in 2025. Previously addressed flaws include CVE-2025-2783 disclosed in March, CVE-2025-4664 patched in May, and CVE-2025-5419 resolved in June. Each of these vulnerabilities received emergency security updates due to their critical nature.