Threat Advisories:
Google Patches High-Risk V8 Zero-Day Hitting Chrome Users FortiWeb Hijack: The Hidden Vulnerability Fueling Admin Account Creation Lazarus Group’s New Comebacker Variant Targets Aerospace & Defense Threat Actors Turn RMM Tools into Backdoor Gateways CVE-2025-12480: Triofox Exploit Turns Trusted Access Into a Security Nightmare Microsoft’s November 2025 Patch Tuesday Roundup Telegram-Powered Credential Theft Campaign Sweeps Europe Critical Zero-Day Exposes Synology Devices to Remote Attacks APT41 Cyber-Espionage Campaign Targets U.S. Policy Institutions I Paid Twice: Inside the Booking.com Phishing Fraud Return of Gootloader: Blending Technical Evasion with Operational Discipline Unmasking Airstalk’s Covert Supply Chain Intrusion WordPress Plugin Bug CVE-2025-11833 Hands Hackers the Admin Throne Silent Lynx APT: Espionage Operations Targeting Central Asia’s Critical Infrastructure SleepyDuck: Trojan Nesting in the Open VSX Marketplace Operation SkyCloak: Covert Cyber Strikes on Russian and Belarusian Military Personnel Typosquatted npm Packages Execute Stealthy CredentialTheft Operation Hijackloader Strikes Colombia with PureHVNC Vietnamese Actors Use Recruitment Lures for Espionage and Theft Qilin Ransomware Surge: A Growing Global Threat to Critical Sectors
Hive Pro recognized in Gartner® Magic Quadrant™ for Exposure Assessment Platform, 2025 Watch platform in action
Platform
Comprehensive Threat Exposure Management Platform
Uni5 Xposure PlatformUni5 Xposure leverages exposure assessment and adversarial exposure validation to deliver a unified view of your cyber risks and all actionable pathways to resolve them. Powered by:
IntegrationsOut of box integrations available with a comprehensive set of Security and IT operations tools in your organisation.
HiveForce LabsThe in-house intelligence that enables customers to identify and address immediate cyber risks and potential threats with precision, clear insights, and swift action.
Hive Pro’s ComparisonSave Cost , Reduce Complexity and Increase Security by Augmenting and Replacing your existing Vulnerability Management platform
Hive Pro vs Rapid7
Hive Pro vs Tenable
Hive Pro vs Qualys
Hive Pro vs Nucleus Security
Solutions
By Use Case
Total Attack Surface Management
Multi-Environment Security Scanners
Complete Exposure Assessment
Comprehensive Security Intelligence
Vulnerability & Threat Prioritization
Adversarial Exposure Validation
By Role
CISO
Vulnerability Management
Security Operations
DevOps
Industry
Telecommunications
Healthcare
Financial Services
Government & Public Sector
Retail & E-Commerce
Educational Institutions
Resources
Advisories & Digests
Threat Advisories
Threat Digests
Content Library
learn
Blog
Whitepapers
Press Releases
connect
Webinars & Videos
Blog
Company
About Us
Careers
Our Leadership
Contact Us
Book a DemoThreat Digest - Subscribe
Platform
Platform
Comprehensive Threat Exposure Management Platform
Uni5 Xposure PlatformUni5 Xposure leverages exposure assessment and adversarial exposure validation to deliver a unified view of your cyber risks and all actionable pathways to resolve them. Powered by:
IntegrationsOut of box integrations available with a comprehensive set of Security and IT operations tools in your organisation.
HiveForce LabsThe in-house intelligence that enables customers to identify and address immediate cyber risks and potential threats with precision, clear insights, and swift action.
Hive Pro’s Comparison
Hive Pro vs Rapid7
Hive Pro vs Tenable
Hive Pro vs Qualys
Hive Pro vs Nucleus Security
Solutions
Solutions
By Use Case
Total Attack Surface Management
Multi-Environment Security Scanners
Complete Exposure Assessment
Comprehensive Security Intelligence
Vulnerability & Threat Prioritization
Adversarial Exposure Validation
By Role
CISO
Vulnerability Management
Security Operations
DevOps
Industry
Industry
Telecommunications
Healthcare
Financial Services
Government & Public Sector
Retail & E-Commerce
Educational Institutions
Resources
Resources
Advisories & Digests
Threat Advisories
Threat Digests
Content Library
learn
Blog
Whitepapers
Press Releases
connect
Webinars & Videos
Blog
Company
Company
About Us
Careers
Our Leadership
Contact Us
Book a DemoThreat Digest - Subscribe

Google Patches High-Risk V8 Zero-Day Hitting Chrome Users

Red | Vulnerability Report
Download PDF

Google Chrome Zero-Day Vulnerability CVE-2025-13223: Critical V8 Engine Security Update Required

Summary

Google Chrome users face an urgent security threat from an actively exploited zero-day vulnerability affecting the V8 JavaScript engine. The critical vulnerability, tracked as CVE-2025-13223, enables remote attackers to execute arbitrary code on victims’ devices through maliciously crafted HTML pages. This type confusion vulnerability in Google Chrome’s V8 engine allows heap memory corruption without requiring user interaction, making it particularly dangerous for Chrome users across Windows, macOS, and Linux platforms.

The zero-day vulnerability was discovered in November 2025 and Google has confirmed active exploitation in the wild. Organizations and individual users must immediately update Google Chrome to version 142.0.7444.175/.176 to protect against this critical security threat. The vulnerability carries the highest risk level (Red) according to HivePro’s threat assessment, with an Admiralty Code of A1 indicating confirmed active exploitation.

Vulnerability Details

CVE-2025-13223 Type Confusion Vulnerability

The Google Chrome V8 engine vulnerability represents a severe type confusion bug that compromises browser security at the JavaScript execution level. This zero-day vulnerability affects all Google Chrome versions prior to 142.0.7444.175, exposing millions of users to potential remote code execution attacks. The V8 JavaScript engine vulnerability allows attackers to corrupt heap memory through specially crafted HTML pages, bypassing Chrome’s security mechanisms.

Type confusion vulnerabilities in the V8 engine occur when the JavaScript interpreter incorrectly handles object types, leading to memory corruption. The CVE-2025-13223 vulnerability specifically enables remote attackers to trigger heap corruption without any user interaction beyond visiting a compromised website. This zero-day exploit has been actively used in real-world attacks, significantly elevating the risk profile for unpatched Chrome installations.

Additional V8 Security Issue

Google’s security update also addresses CVE-2025-13224, another type confusion vulnerability in the V8 JavaScript engine. While this secondary vulnerability hasn’t been exploited in the wild, it poses similar risks to Chrome users if left unpatched. Both V8 engine vulnerabilities were patched in the same Chrome security update cycle, demonstrating the critical nature of JavaScript engine security in modern browsers.

Recommendations

Immediate Chrome Update Requirements

Users must update Google Chrome immediately to protect against the actively exploited zero-day vulnerability CVE-2025-13223. The secure Chrome versions are:

  • Windows: 142.0.7444.175/.176
  • macOS: 142.0.7444.176
  • Linux: 142.0.7444.175

Chrome users can verify and apply security updates by navigating to More > Help > About Google Chrome. The browser will automatically check for the latest version and prompt for a relaunch to complete the update process. This Chrome security update is critical for protecting against active zero-day exploitation.

Security Best Practices

Enable automatic updates in Google Chrome to ensure continuous protection against emerging vulnerabilities. The V8 engine vulnerability can be triggered through crafted HTML pages, making it essential to avoid clicking suspicious links or visiting untrusted websites until Chrome is updated. Organizations should implement vulnerability management processes that include regular software assessments, maintaining inventories of Chrome versions across their infrastructure, and evaluating third-party vendor security practices.

Browser security requires constant vigilance, particularly when zero-day vulnerabilities are actively exploited. Users should treat this Chrome update as critical infrastructure maintenance, given the widespread use of Chrome browsers in enterprise and personal computing environments.

MITRE ATT&CK TTPs

Attack Techniques Associated with CVE-2025-13223

The Chrome zero-day vulnerability exploitation follows several MITRE ATT&CK framework techniques:

  • TA0042 – Resource Development: Attackers obtain vulnerability capabilities
  • T1588.006 – Vulnerabilities: Exploitation of the V8 engine type confusion bug
  • TA0001 – Initial Access: Gaining entry through browser exploitation
  • T1189 – Drive-by Compromise: Malicious HTML pages trigger the vulnerability
  • TA0002 – Execution: Remote code execution through heap corruption
  • T1059 – Command and Scripting Interpreter: JavaScript engine manipulation
  • T1203 – Exploitation for Client Execution: Browser-based code execution

References

Official Google Chrome Security Updates

The official Google Chrome release blog provides detailed information about the security update addressing CVE-2025-13223: https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop_17.html

This Chrome security advisory confirms the zero-day vulnerability’s active exploitation status and provides version-specific update guidance for all supported platforms. Security researchers and IT administrators should monitor Google’s Chrome releases for additional security updates addressing V8 engine vulnerabilities.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox