Security news aggregator

Latest coverage for TOR

Tor is an anonymity network that routes traffic through relays, supporting privacy while also complicating the investigation of online abuse.

65 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Tor is an open-source privacy network that routes Internet traffic through a sequence of volunteer-operated relays. Layered encryption limits what each relay can learn about the connection, helping users resist traffic monitoring, censorship, and location tracking. Tor also supports onion services, which are reachable within Tor without exposing a conventional server address. It provides anonymity protections, not a guarantee of anonymity or confidentiality.

Security practitioners should remember that Tor does not encrypt traffic beyond the network: an exit relay can observe unencrypted application data, so HTTPS and secure application design remain necessary. Endpoint compromise, unsafe browser configuration, fingerprinting, or opening downloaded content can also identify or harm a user. A powerful observer may correlate traffic entering and leaving the network. In enterprise investigations, Tor connections are useful leads but weak attribution evidence because many unrelated users share relay addresses; correlate them with authentication, endpoint, and application telemetry rather than treating a Tor IP as proof of malicious activity.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 65 Filtered view

USB .lnk malware steals crypto via clipboard hijack, replaces wallet addresses, steals seed phrases, and screenshots. Microsoft Threat Intelligence has been tracking a clipboard-stealing malware (Clipper) campaign since February 2026 that targets cryptocurrency wallets. A clipper is a type of malicious software that monitors and manipulates your clipboard, the temporary memory where data is stored […]

Microsoft has disclosed details of a Windows-based cryptocurrency clipper campaign that has targeted users since February 2026 with clipboard-intercepting malware with self-spreading capabilities and using the Tor anonymity network to hide communication

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, Tor-based communications, and worm-like propagation. Beyond stealing cryptocurrency transactions, the malware establishes persistent access and enables follow-on activity through a lightweight backdoor capability. The post Crypto Clipper uses Tor and worm-like propagation for persistence and control appeared first on Microsoft Security Blog.

ShinyHunters leaked 234 GB of data allegedly stolen from DentaQuest after failed negotiations, potentially impacting 2.6 million people. The ShinyHunters extortion group has published a 234 GB archive of data allegedly stolen from dental benefits administrator DentaQuest. The cybercrime gang added the company to its Tor data leak site in May, and the data was […]

YouTube vids explain digital tradecraft to reach spooks over Tor or VPN without blowing your cover The UK’s Secret Intelligence Service, aka MI6, has created a dark web portal called “Silent Courier” that it hopes would-be foreign informants will find a suitably secure means of sharing secrets.…

Loading more headlines...