Tor Browser 8.5.2 released with a fix for critical security updates in that allows an attacker to run malicious code on the vulnerable machine without user interaction.
Also, we update NoScript to 10.6.3, fixing a few issues. Tor Users with the safer and safest security levels were not affected by this security issue, reads the blog post.
This critical zero-day vulnerability initially reported to Mozilla by Samuel Groß, a member of Google Project Zero and Coinbase Security.
Attackers actively targeted the discovered JavaScript type confusion vulnerability that leads to an exploitable crash. Users are urged to update the new version immediately to protect themselves from this zero-day exploit.
The bug doesn’t affect the Tor users who were running under safer and safest security levels. Unfortunately, the release is not available for Android version as the development team unable to access the Android signing token.
Android users are recommended using Tor with safer or safest security levels. You can change the security level under Security Settings.
Tor Browser 8.5.1 released for Windows, Linux and Mac and Android earlier this month. It is the first bug fix release in the 8.5 series.
You can Download Tor Browser 8.5.2 from Here Tor Browser and distribution directory. The Android version is available from Google Play
Follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.
TOP 11 Deep Web Search Engine Alternative for Google and Bing 2019
Top 5 Best Dark Web Browser for Anonymous Web Browsing With Ultimate Privacy
TOR and VPN Anonymous Enough for Dark Web
Dark Web Secrets: What Should You Know About Your Information Being on the Dark Web?
How To Access Dark Web Anonymously and know its Secretive and Mysterious Activities
GitLab has urgently released security updates to address multiple high-severity vulnerabilities in its platform that…
A high-severity security vulnerability (CVE-2025-0514) in LibreOffice, the widely used open-source office suite, has been…
Cisco Systems has disclosed a high-severity vulnerability (CVE-2025-20111) in its Nexus 3000 and 9000 Series…
A sophisticated cyber campaign orchestrated by the Chinese Advanced Persistent Threat (APT) group, Silver Fox,…
A new wave of cyberattacks attributed to the Ghostwriter Advanced Persistent Threat (APT) group has…
The LCRYX ransomware, a malicious VBScript-based threat, has re-emerged in February 2025 after its initial…