Are you using Chrome or Firefox to browse the web? You could be at risk of serious cyber threats!
The National Council of Educational Research and Training (NCERT) has issued an urgent cybersecurity advisory (NCA-29.052225) alerting users about critical vulnerabilities in the latest versions of Mozilla Firefox and Google Chrome—the world’s most popular web browsers.
What’s the Threat?
Cybercriminals are actively exploiting these security flaws to spread viruses, steal personal data, and hijack systems—especially through malicious websites and web content.
Key Vulnerabilities:
| CVE ID | Browser | Risk Description |
|---|---|---|
| CVE-2025-4918, CVE-2025-4919 | Mozilla Firefox | Remote Code Execution (RCE) through malicious JavaScript during the Pwn2Own hacking contest, bypassing key browser protections. |
| CVE-2025-4644 | Google Chrome | WebAssembly (Wasm) flaw allowing cross-origin data leaks, session hijacking, and sensitive data theft. |
What Can Attackers Do?
These zero-day vulnerabilities could allow hackers to:
- Execute malicious code on your system
- Install malware without your knowledge
- Steal saved passwords, session cookies, and personal data
- Hijack browser sessions or spy on your web activity
- Access sensitive input such as credit card or login data
What Should You Do?
Immediate action is critical. NCERT strongly advises the following steps:
Update your browser immediately to the latest patched version
Enable automatic updates for future protection
Use antivirus and endpoint protection tools
Avoid clicking suspicious links or visiting untrusted websites
For organizations: Enforce strict browser patching policies across teams
These issues are not just technical bugs—they are gateways for attackers to access your personal and organizational data. Staying up-to-date is your best defense.
Final Words
With browsers being the frontline of digital interaction, these vulnerabilities represent a serious threat to both individuals and businesses. Stay alert, stay updated, and take cybersecurity seriously.