Sunday, May 18, 2025
HomeSecurity NewsCritical Tor Browser Bug "TorMoil" Allows to the Leakage of Your ...

Critical Tor Browser Bug “TorMoil” Allows to the Leakage of Your Real IP Address

Published on

SIEM as a Service

Follow Us on Google News

A Critical Tor Browser Bug called “TorMoil” Allows to Leak your real IP Address that you’re using for Browsing especially this critical security vulnerability affecting Mac and Linux users.

Tor Browser is Providing good level of anonymity and security and you are able to gain access to .onion websites through your dark web browser.

It prevents some person viewing your Internet connection from realizing what websites you visit, it prevents the websites you visit from learning your physical location, and it gives you a chance to get to websites which are blocked.

According to Segment a Firefox bug in handling file:// URLs it is possible on both systems that users leak their IP address. Once an affected user navigates to a specially crafted web page, the operating system may directly connect to the remote host, bypassing Tor Browser

Apart from This Tor Browser Bug , Torrent file-sharing applications have been observed to ignore proxy settings and make direct connections even when they are told to use Tor. so this is already warned by Tor Team that don’t use Torrent file-sharing.

- Advertisement - Google News

Also Read :   TOR and VPN Anonymous enough for Dark Web

Even if your torrent application connects only through Tor, you will often send out your real IP address in the tracker GET request, because that’s how torrents work

After Reporting This Bug to Tor team Started working with the help of Mozilla engineers This Critical Bug Successfully fixed by Tor Security Experts and Release Patch with Tor Browser 7.0.9 version update. Tor Browser 7.0.9 is now available for both macOS and Linux Users.

According to Tor Team, We are currently preparing updated macOS and Linux bundles for our alpha series which will be tentatively available on Monday, November 6. Meanwhile, macOS and Linux users on that series are strongly encouraged to use the stable bundles or one of the above-mentioned tools that are not affected by the underlying problem.

If you are one of those people that rely on Tor Browser to safely browse the Internet, the message is just one: keep your Tor Browser updated!

Tor Browser Bug Fix for OS X and Linux.

  • OS X – Bug 24052: Streamline handling of file:// resources
  • Linux – Bug 24052: Streamline handling of file:// resources
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

VMware ESXi, Firefox, Red Hat Linux & SharePoint Hacked – Pwn2Own Day 2

Security researchers demonstrated their prowess on the second day of Pwn2Own Berlin 2025, discovering...

Critical WordPress Plugin Flaw Puts Over 10,000 Sites of Cyberattack

A serious security flaw affecting the Eventin plugin, a popular event management solution for...

Sophisticated NPM Attack Leverages Google Calendar2 for Advanced Communication

A startling discovery in the npm ecosystem has revealed a highly sophisticated malware campaign...

New Ransomware Attack Targets Elon Musk Supporters Using PowerShell to Deploy Payloads

A newly identified ransomware campaign has emerged, seemingly targeting supporters of Elon Musk through...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Phishing Campaign Uses Blob URLs to Bypass Email Security and Avoid Detection

Cybersecurity researchers at Cofense Intelligence have identified a sophisticated phishing tactic leveraging Blob URIs...

UK Government to Shift Away from Passwords in New Security Move

UK government has unveiled plans to implement passkey technology across its digital services later...

New Spam Campaign Leverages Remote Monitoring Tools to Exploit Organizations

A sophisticated spam campaign targeting Portuguese-speaking users in Brazil has been uncovered by Cisco...