Security Boulevard

Fuzzing to Zero-Day: Pwning V8CTF With TurboFan Type Confusion, CVE-2025-2135

The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...
GIGAZINE

Firefox's JavaScript engine "Spidermonkey" runs faster than Chrome's V8

"ARE WE FAST YET?" Is a service that Mozilla's JavaScript team checks the latest source code for each JavaScript engine automatically every day, measures the benchmark and stores it in the database.
Hosted on MSN

Google Chrome bug exploited as an 0-day - patch now or risk full system compromise

Google pushed an emergency patch on Monday for a high-severity Chrome bug that attackers have already found and exploited in the wild.… The vulnerability, tracked as CVE-2025-13223, is a type ...
GCN

Google fixes Chrome zero-day CVE-2025-10585

Google has released emergency security patches to address CVE-2025-10585, a high-severity zero-day bug in the V8 JavaScript engine of Chrome that has been actively exploited, the sixth Chrome zero-day ...
PC Magazine

Patch Now: Google Warns of 'High Severity' Bug Targeting Chrome

Google has issued an emergency patch to address a high-severity, zero-day exploit targeting the desktop version of its Chrome browser. The vulnerability, dubbed CVE-2025-13223, "exists in the wild," ...