Google Chrome浏览器的V8 JavaScript引擎曝出关键类型混淆0-Day漏洞（CVE-2025-10585），这是2025年发现的第六个已被活跃利用的Chrome零日漏洞。该高危漏洞CVSS 3.1评分为8.8分，攻击者可通过复杂的内存破坏技术实现远程代码执行，并绕过Chrome的沙箱保护机制。 V8类型混淆 ...

谷歌发布Chrome紧急更新，修复两个已被攻击者利用的零日漏洞CVE-2026-3909和CVE-2026-3910。第一个漏洞影响图形库Skia，存在越界写入问题；第二个漏洞位于V8引擎，存在不当实现缺陷。谷歌证实这两个漏洞的利用代码已在野外传播，但未透露具体攻击细节。修复程序已包含在最新稳定版更新中，用户需重启浏览器完成安装。

‘Super-fast’ non-optimizing Sparkplug compiler, which compiles bytecode to machine code, makes its debut in V8 9.1 and Chrome 91. With the Sparkplug compiler, Google is looking to improve JavaScript ...

A new project hopes to beef up the security of V8, a part of the Chrome browser that most users aren't aware of but that hackers increasingly see as a juicy target. Chrome has over two billion users, ...

Google and Microsoft, which now both contribute to the Chromium project, apparently share concerns about the Just-In-Time (JIT) compiler in Chrome's V8 JavaScript engine. Microsoft's Edge ...