Google fixes actively exploited sandbox escape zero day in Chrome www.bleepingcomputer.com/news/secu…

Google has released a security update for Chrome to address half a dozen vulnerabilities, one of them actively exploited by attackers to escape the browser’s sandbox protection.

The vulnerability is identified as CVE-2025-6558 and received a high-severity rating of 8.8. It was discovered by researchers at Google’s Threat Analysis Group (TAG) on June 23.

The current Chrome security update contains fixes for five more vulnerabilities, including a high-severity flaw in the V8 engine tracked as CVE-2025-7656, and a use-after-free issue in WebRTC tracked under CVE-2025-7657. None of these five were highlighted as actively exploited.