October 02, 2025
Back to all stories

Google patches active Chrome zero‑day (CVE‑2025‑10585)

1d Breaking 1 source

Google’s Threat Analysis Group discovered and reported a zero‑day vulnerability in Chrome’s V8 JavaScript engine (CVE‑2025‑10585) that was being exploited in the wild; Google pushed fixes October 1, 2025 via Chrome versions 140.0.7339.185/.186 for Windows and macOS and 140.0.7339.185 for Linux. Users are urged to update immediately (About Google Chrome → Relaunch) because the flaw is actively exploited and is the sixth Chrome zero‑day patched in 2025.

AI & Tech Cybersecurity

🔍 Key Facts

  • Vulnerability: CVE-2025-10585, a type‑confusion bug in the V8 JavaScript engine
  • Patch: Chrome 140.0.7339.185/.186 (Windows/macOS), 140.0.7339.185 (Linux) released Oct. 1, 2025
  • Attribution/status: Google TAG discovered the bug and confirmed it was 'being exploited in the wild'; Google withheld full technical details until updates roll out

📰 Sources (1)

Update Chrome now: Google patches new zero-day threat
Fox News October 02, 2025