India’s cybersecurity watchdog, CERT-In, has issued an urgent warning for Google Chrome users after identifying multiple high-risk security vulnerabilities affecting the browser across Windows, macOS, and Linux. According to the advisory published on Friday, these flaws could allow attackers to remotely execute arbitrary code on a victim’s device. As a result, both individual users and organisations have been urged to update Chrome to the latest version without delay.
CERT-In Warns Chrome Users About Critical Flaws
In its bulletin, tagged as CIVN-2025-0330, CERT-In detailed two serious vulnerabilities labeled CVE-2025-13223 and CVE-2025-13224. The agency classified them as “high severity” due to their potential to compromise systems and disrupt services.
The root cause, according to CERT-In, is Type Confusion — an error that happens when a program tries to access data using an incompatible type. In this case, the issue was found in Chrome’s V8 engine, the component that powers JavaScript and WebAssembly execution. If left unresolved, the vulnerability could allow attackers to trigger heap corruption by tricking users into opening a maliciously crafted HTML page.
Google Confirms Exploits and Issues Patch
Google has acknowledged the issue, confirming that an exploit for CVE-2025-13223 is already being used in the wild. The company stated that Chrome versions earlier than 142.0.7444.175/.176 on Windows, 142.0.7444.176 on macOS, and 142.0.7444.175 on Linux are affected.
The tech giant has now rolled out the necessary patches through its stable channel. CERT-In is advising users to update Chrome to version 142.0.7444.175/.176 as soon as possible. To check for updates manually, users can go to Chrome’s menu, select Help, and then click on About Google Chrome. The browser will automatically download and install the latest update.
Other Cybersecurity Developments
Meanwhile, the broader cybersecurity landscape is seeing several major developments. Privacy concerns have resurfaced after researchers claimed to uncover billions of WhatsApp-registered phone numbers. In a worrying advancement, Chinese hackers reportedly used Claude to carry out the world’s first AI-powered cyberattack. Elsewhere, satellite communications are under scrutiny after researchers exposed significant vulnerabilities that could threaten global communication infrastructure.
