
Google has warned that a serious security flaw has been found in the Chrome browser, which allows hackers to steal login credentials and bypass multi-factor authentication (MFA). The issue is very important and needs to be fixed immediately. The US government has already ordered all federal employees to update their browsers by June 5.
This is not just for government employees; any user at home or in the office should update now. The US cybersecurity agency CISA has instructed federal agencies to "take corrective actions in accordance with the vendor's instructions ... or, if that is not possible, stop using the browser." That is, if they do not update within 21 days, they will have to refrain from using Chrome. Although CISA's guidance is directly aimed at federal employees, it has warned all organizations so that they can "better address the risks and keep up with the threat."
Given the nature of this security flaw, all users should take action now. Google has already released a patch for the flaw, CVE-2025-4664, but warns that "there have been reports of exploitation of this flaw." Twitter user @slonser reported the flaw, saying that it could allow account hijacking through a query parameter takeover mechanism in the OAuth flow.
This could allow hackers to steal sensitive data stored in the browser (such as session credentials) and gain access to the user's session. It is not yet clear whether the flaw is being used as a proof-of-concept (POC) or if it is an actual attack.
However, the risk is now high: as long as the patch is not applied, the attack is still possible. So as a precaution, update your Chrome browser quickly and stay protected from this cyber threat.
Note:
- To update Chrome: Go to Settings > Help > About Google Chrome.
- Business users should contact their IT department.
This warning was issued on May 16, 2025 and applies to Google Chrome versions earlier than 136.0.7103.113/.114 on Windows and Mac and versions earlier than 136.0.7103.113 on Linux.
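The version cutoff above can be checked across a set of machines with a short script. This is an added example, not part of the original article; the host names, the inventory format and the sample version strings are constructed assumptions. It compares versions numerically, because plain string comparison ranks build .92 above .113.

```python
import re

# Fixed build taken from the advisory text above: Chrome builds earlier than
# 136.0.7103.113 are affected on Windows, Mac and Linux.
FIXED = (136, 0, 7103, 113)

VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\.(\d+)")

def parse_version(text):
    """Extract a four-part Chrome version from strings such as
    'Google Chrome 136.0.7103.92'; return None if none is present."""
    m = VERSION_RE.search(text)
    return tuple(int(p) for p in m.groups()) if m else None

def classify(version_text):
    """Return 'patched', 'vulnerable' or 'unknown' for one reported version."""
    v = parse_version(version_text)
    if v is None:
        return "unknown"  # treat as needing manual follow-up
    return "patched" if v >= FIXED else "vulnerable"

def audit(inventory_csv):
    """Map hostname -> status for lines of 'host,os,version string'."""
    results = {}
    for line in inventory_csv.strip().splitlines():
        host, _os, reported = (f.strip() for f in line.split(",", 2))
        results[host] = classify(reported)
    return results

# Constructed sample inventory (hypothetical hosts, not real data).
SAMPLE = """
ws-01,windows,Google Chrome 136.0.7103.114
mac-07,macos,Google Chrome 136.0.7103.92
lnx-03,linux,Google Chrome 136.0.7103.113
ws-09,windows,Google Chrome 135.0.7049.115
kiosk-2,linux,version not reported
"""

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {status}")
    # Plain string comparison wrongly treats .92 as newer than .113.
    print("136.0.7103.92" >= "136.0.7103.113")
```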
If you use the Google Chrome browser on your computer, there is important news for you.
The Indian Computer Emergency Response Team (CERT-In) has issued an alert for Google Chrome users on desktop. It says that some vulnerabilities have been found in Chrome, which scammers can exploit to hack your computer.
These computers are at risk
According to the advisory, scammers can exploit this vulnerability by luring users to the wrong website.
If the scammers succeed in doing this, they can run malicious code on your computer, which can put your entire system at risk. One of these vulnerabilities, numbered CVE-2025-4664, is already being exploited.
CERT-In warned that by exploiting these vulnerabilities, scammers could steal your personal information or cause your computer to stop working properly.
The agency said the vulnerabilities are caused by a failure to properly follow security rules in a part of Chrome called the loader and a flaw in another part called Mojo. Mojo helps different parts of Chrome communicate with each other.
Who is at risk?
This alert is for individuals and organizations who use Google Chrome on desktop computers, whether they are running Windows, macOS, or Linux.
What should you do?
CERT-In has advised that all users should immediately update their browsers to the latest version released by Google. These security vulnerabilities have been fixed in Chrome version 136.0.7103.113 and later. You can update using the update method within Chrome or by visiting the official Chrome Releases blog.
Google Chrome is the top browser in the world. However, there is a fear that hackers can take complete control of users' devices through this Chrome browser.
Sensitive information can also be stolen by installing malicious software. According to an Indian media report, this information about the Google Chrome browser comes from a central organization, the Indian Computer Emergency Response Team. The report also says that for Windows and Mac users, all versions of Google Chrome before version 132.0.6834.110/111 are affected. For Linux, the affected versions are those before 132.0.6834.110.
To avoid these problems, users have been asked to update Google Chrome. To do this, they should go to the official Google Chrome website and update from there. Only then can users be protected.
Incidentally, automatic updates are often turned on for Chrome. It is understood that there is no danger in that case either. In addition, cookies and cache need to be deleted regularly. History can also be deleted.
About the Creator
Arfan Raihen
Hello, I am a new member of Vocal Media and I have also worked in Vocal Media before with another account and I have the skills to work with you for a long time.


