Two days after disclosing CVE-2024-4761 Google announced that another vulnerability (CVE-2024-4947) in Chrome's V8 engine has been exploited in the wild, but CISA has yet to add it to the KEV catalog.

The CISA reported that CVE-2025-4664 is already being exploited in the wild and that it impacts the Google Chromium Loader, a part of Chrome that gathers and displays information for users.

Now, with CISA adding the bug to KEV, FCEB agencies have until June 5 to patch their Chrome instances or stop using the browser altogether. The first clean versions are 136.0.7103.113 for Windows ...

Bleeping Computer reports that the bug, tracked under the name CVE-2025-6558, allowed for attackers to target Google Chrome users by crafting malicious HTML pages, potentially allowing them to run ...

Apple's iOS 18.6 update fixes a zero-day vulnerability affecting Chrome users. It doesn't appear the flaw has targeted Apple users directly.

CISA also added the CVE-2024-0519 out-of-bounds memory access in the Chromium V8 JavaScript engine to its KEV list today. This is the first Chrome zero-day exploited in the wild patched by Google ...