Google has suddenly released an emergency update for Chrome to fix a dangerous vulnerability (CVE-2025-5419) discovered by its Threat Analysis Group and already exploited in cyberattacks.
This flaw in the V8 engine allows hackers to execute malicious code via crafted HTML pages, risking user security. Google partially mitigated the issue on May 28, 2025 (7 Jawza 1404) with a configuration change, and now urges everyone to update to version 137.0.7151.68 or higher to stay protected.
Users should update Chrome immediately, as active attacks are ongoing, and even the U.S. government has ordered federal staff to update by Thursday or stop using the browser. Another vulnerability (CVE-2025-5068) in the Blink engine has also been patched in this emergency update.
Cloudflare