来自MSN

A critical Apache HTTP/2 flaw gives attackers a working proof-of-concept for remote code ...

A vulnerability in Apache HTTP Server’s HTTP/2 protocol handling now has working exploit code circulating among security researchers, and at least one U.S. state government has issued an emergency ...
Bleeping Computer

New 'HTTP/2 Rapid Reset' zero-day attack breaks DDoS records

A new DDoS (distributed denial of service) technique named 'HTTP/2 Rapid Reset' has been actively exploited as a zero-day since August, breaking all previous records in magnitude. News of the zero-day ...
Wired

A New Protocol Vulnerability Will Haunt the Web for Years

Google, Amazon, Microsoft, and Cloudflare revealed this week that they battled massive, record-setting distributed denial of service attacks against their cloud infrastructure in August and September.
来自MSN

An Apache HTTP server flaw lets attackers crash — or take over — millions of web ...

A single malformed web request is all it takes. On May 4, 2026, the Apache Software Foundation quietly filed a vulnerability report with the National Vulnerability Database disclosing a critical flaw ...
CSOonline

Built-in weakness in HTTP/2 protocol exploited for massive DDoS attacks

HTTP/2-enabled DDoS attacks are the largest Cloudflare and Google have seen and were launched from a relatively small botnet. Over the past two months attackers have been abusing a feature of the HTTP ...