Chrome Targeted by Active In-the-Wild Exploit Tied to Undisclosed High-Severity Flaw

Chrome Targeted by Active In-the-Wild Exploit Tied to Undisclosed High-Severity Flaw

Posted on By CWS

Dec 11, 2025Ravie LakshmananZero-Day / Vulnerability
Google on Wednesday shipped safety updates for its Chrome browser to handle three safety flaws, together with one it stated has come beneath energetic exploitation within the wild.
The vulnerability, rated excessive in severity, is being tracked beneath the Chromium difficulty tracker ID “466192044.” In contrast to different disclosures, Google has opted to maintain details about the CVE identifier, the affected part, and the character of the flaw beneath wraps.
“Google is conscious that an exploit for 466192044 exists within the wild,” the corporate famous, including that extra particulars are “beneath coordination.”
Naturally, the tech large has additionally not disclosed any specifics on the id of the menace actor behind the assaults, who might have been focused, or the size of such efforts.
That is usually achieved in order to make sure that a majority of the customers have utilized the fixes and to forestall different unhealthy actors from reverse engineering the patch and creating their very own exploits.

With the newest replace, Google has addressed eight zero-day flaws in Chrome which have been both actively exploited or demonstrated as a proof-of-concept (PoC) for the reason that begin of the 12 months. The checklist consists of CVE-2025-2783, CVE-2025-4664, CVE-2025-5419, CVE-2025-6554, CVE-2025-6558, CVE-2025-10585, and CVE-2025-13223.
Additionally addressed by Google are two different medium-severity vulnerabilities –

CVE-2025-14372 – Use-after-free in Password Supervisor
CVE-2025-14373 – Inappropriate implementation in Toolbar

To safeguard towards potential threats, it is suggested to replace their Chrome browser to variations 143.0.7499.109/.110 for Home windows and Apple macOS, and 143.0.7499.109 for Linux. To verify the newest updates are put in, customers can navigate to Extra > Assist > About Google Chrome and choose Relaunch.
Customers of different Chromium-based browsers, corresponding to Microsoft Edge, Courageous, Opera, and Vivaldi, are additionally suggested to use the fixes as and once they turn into obtainable.

The Hacker News Tags:, , , , , , , ,

Related Posts

X Warns Users With Security Keys to Re-Enroll Before November 10 to Avoid Lockouts X Warns Users With Security Keys to Re-Enroll Before November 10 to Avoid Lockouts The Hacker News
AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown The Hacker News
New ‘Curly COMrades’ APT Using NGEN COM Hijacking in Georgia, Moldova Attacks New ‘Curly COMrades’ APT Using NGEN COM Hijacking in Georgia, Moldova Attacks The Hacker News
Meta Rolls Out New Tools to Protect WhatsApp and Messenger Users from Scams Meta Rolls Out New Tools to Protect WhatsApp and Messenger Users from Scams The Hacker News
Researchers Uncover GPT-5 Jailbreak and Zero-Click AI Agent Attacks Exposing Cloud and IoT Systems Researchers Uncover GPT-5 Jailbreak and Zero-Click AI Agent Attacks Exposing Cloud and IoT Systems The Hacker News
Secrets Sprawl Expands in 2026: Key Insights for CISOs Secrets Sprawl Expands in 2026: Key Insights for CISOs The Hacker News