Urgent Chrome Update: CISA Warns An Alarming Security Flaw Is Being Exploited
The CISA reported that CVE-2025-4664 is already being exploited in the wild and that it impacts the Google Chromium Loader, a part of Chrome that gathers and displays information for users. Since Google Chromium is an open-source browser project containing the structure on which Google Chrome is built, all Chrome users are susceptible to this attack. Also note that many browsers are built on the Google Chromium platform, including Arc, Opera, Microsoft Edge, Brave, SlimBrowser, Vivaldi, SRWare Iron, Epic, Torch, LibreWolf, and Comodo Dragon to name but a few. Malicious actors could likely exploit this vulnerability on any browser built on the Google Chromium platform.
By exploiting this vulnerability, attackers can leak cross-origin data. This means that attackers on other websites can assess your activities on the website you browsed. Hence, personal details and confidential information like payment credentials, emails, or even your home address can be divulged to malicious actors.
If you are a Chrome user, ensure you're using a version newer than 136.0.7103.113. To do this, simply update your Chrome browser across all devices, including PC, Smart TVs, smartphones, etc. If you use other Chromium-based browsers, an update should protect you too.
You can also check the official CISA website for the two other zero-day vulnerabilities it reported.
