The Brave web browser has a DNS leak about onion sites accessed in private browsing mode, in which traffic is redirected through the Tor network. Fixes that solve the problem have already been accepted into the Brave codebase and will soon be part of the next stable update.
The cause of the leak was an ad blocker, which was proposed to be disabled when working through Tor. Lately, to bypass ad blockers, ad networks have been loading ad units using the site's native subdomain, for which a CNAME record is created on the site's DNS server that points to the ad network's host. Thus, the ad code is formally downloaded from the same primary domain as the site, and therefore is not subject to blocking. To detect such manipulations and determine the host associated via CNAME, ad blockers perform additional name resolution in DNS.
In Brave, normal DNS queries when opening a site in private mode went through the Tor network, but the ad blocker performed CNAME resolution through the main DNS server, which led to information about the opened onion sites being leaked to the provider's DNS server. It is noteworthy that in Brave, the Tor-based private browsing mode is not positioned as guaranteeing anonymity, and users are warned in the documentation that it does not replace the Tor Browser, but only uses Tor as a proxy.
Source: opennet.ru