Thursday, May 1, 2025
HomeSecurity NewsCritical Tor Browser Bug "TorMoil" Allows to the Leakage of Your ...

Critical Tor Browser Bug “TorMoil” Allows to the Leakage of Your Real IP Address

Published on

SIEM as a Service

Follow Us on Google News

A Critical Tor Browser Bug called “TorMoil” Allows to Leak your real IP Address that you’re using for Browsing especially this critical security vulnerability affecting Mac and Linux users.

Tor Browser is Providing good level of anonymity and security and you are able to gain access to .onion websites through your dark web browser.

It prevents some person viewing your Internet connection from realizing what websites you visit, it prevents the websites you visit from learning your physical location, and it gives you a chance to get to websites which are blocked.

According to Segment a Firefox bug in handling file:// URLs it is possible on both systems that users leak their IP address. Once an affected user navigates to a specially crafted web page, the operating system may directly connect to the remote host, bypassing Tor Browser

Apart from This Tor Browser Bug , Torrent file-sharing applications have been observed to ignore proxy settings and make direct connections even when they are told to use Tor. so this is already warned by Tor Team that don’t use Torrent file-sharing.

- Advertisement - Google News

Also Read :   TOR and VPN Anonymous enough for Dark Web

Even if your torrent application connects only through Tor, you will often send out your real IP address in the tracker GET request, because that’s how torrents work

After Reporting This Bug to Tor team Started working with the help of Mozilla engineers This Critical Bug Successfully fixed by Tor Security Experts and Release Patch with Tor Browser 7.0.9 version update. Tor Browser 7.0.9 is now available for both macOS and Linux Users.

According to Tor Team, We are currently preparing updated macOS and Linux bundles for our alpha series which will be tentatively available on Monday, November 6. Meanwhile, macOS and Linux users on that series are strongly encouraged to use the stable bundles or one of the above-mentioned tools that are not affected by the underlying problem.

If you are one of those people that rely on Tor Browser to safely browse the Internet, the message is just one: keep your Tor Browser updated!

Tor Browser Bug Fix for OS X and Linux.

  • OS X – Bug 24052: Streamline handling of file:// resources
  • Linux – Bug 24052: Streamline handling of file:// resources
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Netgear EX6200 Flaw Enables Remote Access and Data Theft

Security researchers have disclosed three critical vulnerabilities in the Netgear EX6200 Wi-Fi range extender...

Tesla Model 3 VCSEC Vulnerability Lets Hackers Run Arbitrary Code

A high security flaw in Tesla’s Model 3 vehicles, disclosed at the 2025 Pwn2Own...

Quantum Computing and Cybersecurity – What CISOs Need to Know Now

As quantum computing transitions from theoretical research to practical application, Chief Information Security Officers...

Apache ActiveMQ Vulnerability Lets Remote Hackers Execute Arbitrary Code

A high vulnerability in Apache ActiveMQ’s .NET Message Service (NMS) library has been uncovered,...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

FBI Alerts Public to Scammers Posing as IC3 Officials in Fraud Scheme

The Federal Bureau of Investigation (FBI) has issued a warning regarding an emerging scam...

New ‘Waiting Thread Hijacking’ Malware Technique Evades Modern Security Measures

Security researchers have unveiled a new malware process injection technique dubbed "Waiting Thread Hijacking"...

EU’s GDPR Article 7 Poses New Challenges for Businesses To Secure AI-Generated Image Data

As businesses worldwide embrace digital transformation, the European Union’s General Data Protection Regulation (GDPR),...