SlowMist: Chrome V8 Zero-Day Vulnerability Allows Attackers to Execute Malicious Code via a Webpage, Users Should Upgrade

Blockbeats

02 Jul

BlockBeats News, July 2, SlowMist CISO @im23pds tweeted a reminder about the Chrome V8 engine vulnerability CVE-2025-6554, which allows attackers to run malicious code through a carefully crafted webpage. Currently, related exploitation PoC has been disclosed and is being exploited. Users should take note to upgrade to avoid phishing attacks that could lead to asset loss.

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Most Discussed

1
2
3
4
5
6
7
8
9
10

{"basename":"","ssrTDKData":{"titleTemplate":"%s - Tiger Brokers","title":"Tiger Brokers | Global Stocks, Options & Futures Trading App","description":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","keywords":"tiger brokers,tiger trade,tiger brokers singapore,broker online,stock trading in singapore,share trading singapore,brokerage firm singapore,trading app,stock broker singapore,stock trading platforms,trading account","social":{"ogDescription":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/news/2548856836"},"companyName":"Tiger Brokers"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2548856836\",edition:\"fundamental\",,,undefined,":{"share":"https://ttm.financial/m/news/2548856836?lang=en_US&edition=fundamental","thumbnail":"","is_english":true,"pubTime":"2025-07-02 11:35","share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","id":"2548856836","market":"us","top_or_hot":-1,"title":"SlowMist: Chrome V8 Zero-Day Vulnerability Allows Attackers to Execute Malicious Code via a Webpage, Users Should Upgrade","media":"Blockbeats","content":"<html><body><div><p>BlockBeats News, July 2, SlowMist CISO @im23pds tweeted a reminder about the Chrome V8 engine vulnerability CVE-2025-6554, which allows attackers to run malicious code through a carefully crafted webpage. Currently, related exploitation PoC has been disclosed and is being exploited. Users should take note to upgrade to avoid phishing attacks that could lead to asset loss.</p></div></body></html>","source":"theblockbeats_live","html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>SlowMist: Chrome V8 Zero-Day Vulnerability Allows Attackers to Execute Malicious Code via a Webpage, Users Should Upgrade</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nSlowMist: Chrome V8 Zero-Day Vulnerability Allows Attackers to Execute Malicious Code via a Webpage, Users Should Upgrade\n</h2>\n\n<h4 class=\"meta\">\n\n\n2025-07-02 11:35 GMT+8&nbsp;&nbsp;&nbsp;<a href=https://www.theblockbeats.info//en/flash/300869><strong>Blockbeats</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>BlockBeats News, July 2, SlowMist CISO @im23pds tweeted a reminder about the Chrome V8 engine vulnerability CVE-2025-6554, which allows attackers to run malicious code through a carefully crafted ...</p>\n\n<a href=\"https://www.theblockbeats.info//en/flash/300869\">Source Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"LU2098885051.SGD","symbol_name":"JPMorgan Funds - Multi-Manager Alternatives A (acc) SGD","start_time":0,"source_url":"https://www.theblockbeats.info//en/flash/300869","article_id":"2548856836","we_media_id":null,"thumbnails":[],"rights":null,"url":"https://stock-news.laohu8.com/highlight/detail?id=2548856836","pubTimestamp":1751427300,"columns":[],"sourceInfo":{"source_id":"theblockbeats_live","name":"Blockbeats快讯"},"weMediaInfo":null,"summary":"BlockBeats News, July 2, SlowMist CISO @im23pds tweeted a reminder about the Chrome V8 engine vulnerability CVE-2025-6554, which allows attackers to run malicious code through a carefully crafted webpage. Currently, related exploitation PoC has been disclosed and is being exploited. Users should take note to upgrade to avoid phishing attacks that could lead to asset loss.","collect":0,"end_time":0,"defaultTopTitle":"theblockbeats.info","property":[],"viewcount":null,"language":"en","relate_stocks":{"LU2098885051.SGD":"JPMorgan Funds - Multi-Manager Alternatives A (acc) SGD","IE00BQXX3C00.GBP":"GUINNESS GLOBAL INNOVATORS \"C\" (GBP) ACC","LU2417539215.USD":"ALLIANZ GLOBAL INCOME \"AMF\" (USD) INC","LU0267386448.USD":"FIDELITY FIRST ALL COUNTRY WORLD \"A\" (USD) INC","LU0029864427.USD":"TEMPLETON GLOBAL \"A\" (USD) INC","LU0234572021.USD":"高盛美国核心股票组合Acc","LU0276348264.USD":"THREADNEEDLE (LUX) GLOBAL DYNAMIC REAL RETURN\"AUP\" (USD) INC","LU2750360641.GBP":"INVESCO GLOBAL EQUITY INCOME ADVANTAGE \"A\" (GBPHDG) INC","LU1435385759.SGD":"Natixis Loomis Sayles US Growth Equity RA SGD-H","LU0823434583.USD":"BNP PARIBAS US GROWTH \"C\" (USD) ACC","SGXZ31699556.SGD":"UGDP UNITED GLOBAL QUALITY GROWTH \"C\" (SGDHDG) ACC","LU1633808545.USD":"ALLIANZ GLOBAL EQUITY GROWTH \"AT\" (USD) ACC","IE00BKPKM429.USD":"NEUBERGER BERMAN GLOBAL SUSTAINABLE EQUITY \"A\" (USD) ACC","CISO":"CISO Global","LU1935043536.SGD":"MANULIFE GF GLOBAL MULTI-ASSET DIVERSIFIED INCOME \"AA\" (SGDHDG) INC A","LU0302445910.USD":"SCHRODER ISF GLOBAL CLIMATE CHANGE EQUITY \"A\" ACC","LU2191332357.HKD":"SCHRODER ISF SUSTAINABLE MULTI-ASSET INCOME \"A\" (HKDHDG) INC","LU2097829019.USD":"AZ EQUITY - BORLETTI GLOBAL LIFESTYLE \"AI\" (USD) ACC","LU1066051811.HKD":"HSBC GIF GLOBAL EQUITY VOLATILITY FOCUSED \"AM2\" (HKD) INC","LU2077746001.SGD":"Blackrock ESG Multi-Asset A2 SGD-H","BK4561":"索罗斯持仓","LU1571399168.USD":"ALLSPRING GLOBAL LONG/SHORT EQUITY \"IP\" (USD) ACC","LU0198837287.USD":"UBS (LUX) EQUITY SICAV - USA GROWTH \"P\" (USD) ACC","GOOGL":"谷歌A","LU0353189680.USD":"富国美国全盘成长基金Cl A Acc","LU1989764664.SGD":"CPR Invest - Global Disruptive Opportunities A2 Acc SGD-H","LU1923623000.USD":"Natixis Thematics AI & Robotics Fund R/A USD","LU0494093205.USD":"贝莱德ESG灵活多元资产A2 USD-H","SG9999000418.SGD":"Aberdeen Standard Global Technology SGD","CVE":"Cenovus能源","LU1699723380.USD":"ALLSPRING GLOBAL LONG/SHORT EQUITY \"AP\" (USD) ACC","LU0310799852.SGD":"FTIF - Templeton Global Equity Income A MDIS SGD","LU1868837136.USD":"CT (LUX) I AMERICAN \"8\" (USD) ACC","LU2023250504.SGD":"Allianz Thematica Cl AMg DIS H2-SGD","LU0942090050.USD":"UBS (LUX) EQUITY SICAV - US TOTAL YIELD SUSTAINABLE \"P\" (USD)  INC","LU1868836591.USD":"CT (LUX) I AMERICAN \"1U\"(USD) ACC","LU2471134952.CNY":"INVESCO GLOBAL EQUITY INCOME ADVANTAGE \"A\" (CNYHDG) INC","LU2264538146.SGD":"Fullerton Lux Funds - Global Absolute Alpha A Acc SGD","IE00BHPRN162.USD":"BNY MELLON BLOCKCHAIN INNOVATION \"B\" (USD) ACC","LU2242649171.HKD":"FIDELITY FUNDS GLOBAL THEMATIC OPPORTUNITIES \"A\" (HKD) ACC","LU2265009873.SGD":"Eastspring Investments - Global Growth Equity AS SGD-H","LU2168564495.EUR":"AZ ALLOCATION - TREND \"AI\" (EUR) ACC","LU1803068623.USD":"TEMPLETON GLOBAL CLIMATE CHANGE \"AH1\" (USDHDG) ACC","LU0640476718.USD":"THREADNEEDLE (LUX) US CONTRARIAN CORE EQ \"AU\" (USD) ACC","GB00B4QBRK32.GBP":"FUNDSMITH EQUITY \"R\" (GBP) INC","LU0056508442.USD":"贝莱德世界科技基金A2","LU2168564222.USD":"AZ ALLOCATION - TREND \"AAZ\" (USDHDG) ACC","LU0080751232.USD":"富达环球多元动力基金A","LU0130517989.USD":"HARRIS ASSOCIATES US VALUE EQUITY \"R\" INC","IE00BQXX3D17.EUR":"GUINNESS GLOBAL INNOVATORS \"C\" (EUR) ACC"},"translate_title":"SlowMist：Chrome V8零日漏洞允许攻击者通过网页执行恶意代码，用户应升级","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"CISO":1,"CVE":1,"GOOGL":1},"content_text":"BlockBeats News, July 2, SlowMist CISO @im23pds tweeted a reminder about the Chrome V8 engine vulnerability CVE-2025-6554, which allows attackers to run malicious code through a carefully crafted webpage. Currently, related exploitation PoC has been disclosed and is being exploited. Users should take note to upgrade to avoid phishing attacks that could lead to asset loss.","kind":"highlight","is_publish_news":true,"is_publish_highlight":false,"is_publish_live":false,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"0","news_tag":"","news_rank":0,"symbols":[],"gpt_button":0,"code":"91000000","status":"200"}}}