CISA Warns of Actively Exploited Chrome Zero-Day Vulnerability

Urgent: CISA warns of a zero-day vulnerability in Chrome's V8 engine. Update immediately to protect against active exploits.

By Content Team

Sep 24, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

CISA has issued an urgent warning about a high-severity zero-day vulnerability in Google Chrome that hackers are actively exploiting in attacks. The flaw, tracked as CVE-2025-10585, affects Chrome's V8 JavaScript engine and allows attackers to execute malicious code on victims' computers.

Google's Threat Analysis Group discovered the vulnerability on September 16, 2025. This marks the sixth Chrome zero-day exploited this year, showing attackers continue targeting browser vulnerabilities.

Federal agencies must patch by October 14, 2025, but CISA urges everyone to update immediately. Users should update Chrome to version 140.0.7339.185/.186 through the browser's Help menu. Other Chromium-based browsers like Edge and Brave also need updates.

Source: Cybersecurity News

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Iran-Linked Hackers Disrupt Medical Giant Stryker's Global Operations

Mar 13, 2026

Victorian Teacher's Identity Stolen After Submitting Rental Applications Online

Feb 8, 2026

Major Polyfill Attack That Hit 100K Websites Traced Back to North Korean Hackers

Mar 15, 2026

Microsoft Rushes Emergency Patch for Office Zero-Day Under Active Attack

Jan 28, 2026