Particle News: Google Rushes Emergency Chrome Update to Fix Actively Exploited V8 Zero-Day

Overview

Updates 140.0.7339.185/.186 for Windows and macOS and 140.0.7339.185 for Linux are rolling out, and users should update and relaunch immediately.
The zero-day, tracked as CVE-2025-10585, is a type confusion flaw in the V8 JavaScript/WebAssembly engine that attackers have exploited in the wild.
Google’s Threat Analysis Group reported the vulnerability on September 16, 2025.
The release also fixes three other high-severity issues: CVE-2025-10500 (Dawn), CVE-2025-10501 (WebRTC), and CVE-2025-10502 (ANGLE).
Users of Chromium-based browsers including Microsoft Edge, Brave, Opera, and Vivaldi should apply corresponding updates as vendors release them.