Google has released a critical security update for Chrome addressing six vulnerabilities, including a high-severity zero-day flaw (CVE-2025-6558) actively exploited in the wild. The flaw, found in the ANGLE and GPU components, allows attackers to escape Chrome’s sandbox via a crafted HTML page, potentially enabling full system access just by visiting a malicious website. Discovered by Google’s Threat Analysis Group, the exploit suggests possible nation-state involvement. Users are urged to update Chrome to version 138.0.7204.157/.158 immediately, and users of Chromium-based browsers should also apply upcoming patches.