Next scheduled rescrape ... never
Version 1
Last scraped
Scraped on 28/08/2025, 00:17:32 UTC
Just a quick but important heads-up for anyone using Google Chrome
If you're using wallets, trading tools or browsing exchanges via Chrome you're potentially exposed unless you're already updated
recently a zero-day flaw in Chrome’s ANGLE/GPU components, allowing attackers to bypass sandbox protections and potentially execute arbitrary code via malicious WebGL or GPU content
Anyone using the browser should make sure they are using the latest version
Ensure your Chrome browser (or any Chromium-based variant) is updated to at least version139.0.7258.154 (Linux) or 154/155 (Windows, macOS) — and 139.0.7258.158 on Android.
In the version announcement, Google remains famously tight-lipped about the details of the vulnerability. It is a "use after free" bug where the program code accesses resources that have already been released and therefore have undefined content. This bug can be found in the WebGL render backend Angle (CVE-2025-9478 / EUVD-2025-25822, no CVSS yet, but"critical" risk according to Google). The CVE entry at least reveals that attackers from the network can abuse a memory error on the heap, for example with carefully prepared HTML web pages – often succeeding in infiltrating and executing malicious code, which can also be assumed here due to the severity.
The developers have patched the vulnerability in Google Chrome versions 139.0.7258.158 for Android, 139.0.7258.154 for Linux and 139.0.7258.154/.155 for macOS and Windows. The update is now available for download
If you’re using Chrome—or any Chromium-based browser like Edge, Brave, Opera, or Vivaldi—update immediately to the patched versions to protect against these active threats.
Source https://cybernews.com/security/critical-chrome-flaw-discovered-by-google-ai/
https://www.heise.de/en/news/Google-Chrome-Update-closes-critical-security-vulnerability-10622372.html
If you're using wallets, trading tools or browsing exchanges via Chrome you're potentially exposed unless you're already updated
recently a zero-day flaw in Chrome’s ANGLE/GPU components, allowing attackers to bypass sandbox protections and potentially execute arbitrary code via malicious WebGL or GPU content
Anyone using the browser should make sure they are using the latest version
Ensure your Chrome browser (or any Chromium-based variant) is updated to at least version
In the version announcement, Google remains famously tight-lipped about the details of the vulnerability. It is a "use after free" bug where the program code accesses resources that have already been released and therefore have undefined content. This bug can be found in the WebGL render backend Angle (CVE-2025-9478 / EUVD-2025-25822, no CVSS yet, but"critical" risk according to Google). The CVE entry at least reveals that attackers from the network can abuse a memory error on the heap, for example with carefully prepared HTML web pages – often succeeding in infiltrating and executing malicious code, which can also be assumed here due to the severity.
The developers have patched the vulnerability in Google Chrome versions 139.0.7258.158 for Android, 139.0.7258.154 for Linux and 139.0.7258.154/.155 for macOS and Windows. The update is now available for download
If you’re using Chrome—or any Chromium-based browser like Edge, Brave, Opera, or Vivaldi—update immediately to the patched versions to protect against these active threats.
Source https://cybernews.com/security/critical-chrome-flaw-discovered-by-google-ai/
https://www.heise.de/en/news/Google-Chrome-Update-closes-critical-security-vulnerability-10622372.html
Original archived Critical security flaw in Chrome discovered by Google's own AI
Scraped on 28/08/2025, 00:12:03 UTC
recently a zero-day flaw in Chrome’s ANGLE/GPU components, allowing attackers to bypass sandbox protections and potentially execute arbitrary code via malicious WebGL or GPU content
Anyone using the browser should make sure they are using the latest version
Ensure your Chrome browser (or any Chromium-based variant) is updated to at least version 139.0.7258.154 (Linux) or 154/155 (Windows, macOS) — and 139.0.7258.158 on Android.
In the version announcement, Google remains famously tight-lipped about the details of the vulnerability. It is a "use after free" bug where the program code accesses resources that have already been released and therefore have undefined content. This bug can be found in the WebGL render backend Angle (CVE-2025-9478 / EUVD-2025-25822, no CVSS yet, but"critical" risk according to Google). The CVE entry at least reveals that attackers from the network can abuse a memory error on the heap, for example with carefully prepared HTML web pages – often succeeding in infiltrating and executing malicious code, which can also be assumed here due to the severity.
The developers have patched the vulnerability in Google Chrome versions 139.0.7258.158 for Android, 139.0.7258.154 for Linux and 139.0.7258.154/.155 for macOS and Windows. The update is now available for download
If you’re using Chrome—or any Chromium-based browser like Edge, Brave, Opera, or Vivaldi—update immediately to the patched versions to protect against these active threats.
Source https://cybernews.com/security/critical-chrome-flaw-discovered-by-google-ai/
https://www.heise.de/en/news/Google-Chrome-Update-closes-critical-security-vulnerability-10622372.html
Anyone using the browser should make sure they are using the latest version
Ensure your Chrome browser (or any Chromium-based variant) is updated to at least version 139.0.7258.154 (Linux) or 154/155 (Windows, macOS) — and 139.0.7258.158 on Android.
In the version announcement, Google remains famously tight-lipped about the details of the vulnerability. It is a "use after free" bug where the program code accesses resources that have already been released and therefore have undefined content. This bug can be found in the WebGL render backend Angle (CVE-2025-9478 / EUVD-2025-25822, no CVSS yet, but"critical" risk according to Google). The CVE entry at least reveals that attackers from the network can abuse a memory error on the heap, for example with carefully prepared HTML web pages – often succeeding in infiltrating and executing malicious code, which can also be assumed here due to the severity.
The developers have patched the vulnerability in Google Chrome versions 139.0.7258.158 for Android, 139.0.7258.154 for Linux and 139.0.7258.154/.155 for macOS and Windows. The update is now available for download
If you’re using Chrome—or any Chromium-based browser like Edge, Brave, Opera, or Vivaldi—update immediately to the patched versions to protect against these active threats.
Source https://cybernews.com/security/critical-chrome-flaw-discovered-by-google-ai/
https://www.heise.de/en/news/Google-Chrome-Update-closes-critical-security-vulnerability-10622372.html