Skip to main content

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Active Exploitation of Zero-Day Vulnerability in Google Chrome
Alerts

Active Exploitation of Zero-Day Vulnerability in Google Chrome

4 June 2025

Google has released security updates to address a zero-day vulnerability (CVE-2025-5419) in its Chrome browser.

Background

Google has released security updates to address a zero-day vulnerability (CVE-2025-5419) in its Chrome browser. 

Impact

Successful exploitation of the vulnerability could allow an attacker to execute arbitrary code on victims’ systems via out-of-bounds read and write operations in Chrome’s V8 JavaScript engine

Known Exploitation

This vulnerability is reportedly being actively exploited.

Affected Products

This vulnerability affects Google Chrome versions prior to 137.0.7151.68.

Mitigation

Users of Chrome browsers are advised to upgrade their browser to versions 137.0.7151.68/.69 for Windows and macOS, and version 137.0.7151.68 for Linux as soon as possible. 

Users are also encouraged to enable automatic updates in Chrome browser to ensure that their software is updated promptly.

References

https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop.html
https://thehackernews.com/2025/06/new-chrome-zero-day-actively-exploited.html
https://nvd.nist.gov/vuln/detail/CVE-2025-5419

Back to top