CISA Warns of Critical Chromium Zero-Day Under Active Attack

CISA flags critical zero-day in Chromium's graphics, urging immediate updates to prevent exploits and secure browsers.

By Content Team

Dec 14, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

CISA added a dangerous zero-day vulnerability in Google Chromium's graphics engine to its priority threat list. The flaw, CVE-2025-14174, lets attackers execute malicious code through crafted web pages by exploiting memory corruption in the ANGLE graphics component.

Discovered and patched within days, this vulnerability affects Chrome, Edge, and other Chromium-based browsers used by over 70% of desktop users. Attackers could use it for drive-by attacks, data theft, or ransomware deployment through malicious websites or ads.

Google released Chrome version 131.0.6778.201 on December 10 with the fix. Federal agencies must patch by January 2, 2026, or stop using affected browsers. Users should update immediately and restart their browsers to stay protected.

Source: Cybersecurity News

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

eScan Antivirus Hit by Supply Chain Attack, Delivers Malware to Users

Jan 31, 2026

Critical Microsoft Office Flaw Lets Attackers Take Control Without User Interaction

Mar 12, 2026

Massive Healthcare Cyberattack Paralyzes Medical Billing Across America

Mar 6, 2026

Russian Hackers Target UK Internet Routers for Espionage Operations

Apr 9, 2026