Google Chrome 0-Day Vulnerability Actively Exploited in the Wild – Patch Now

The actively exploited vulnerability, CVE-2025-10585, is a Type Confusion flaw in the V8 JavaScript and WebAssembly engine.

Type confusion bugs occur when a program allocates a resource or object using one type but later accesses it with a different, incompatible type. This can lead to logical errors, memory corruption, and ultimately, arbitrary code execution.

A successful exploit could allow a remote attacker to escape the browser’s security sandbox by tricking a user into visiting a specially crafted, malicious webpage.

The vulnerability was reported on September 16, 2025, by Google’s own Threat Analysis Group (TAG), which typically finds zero-days being used in targeted attacks by sophisticated threat actors.

To read the complete article see: Complete Article