Threat Post

Critical Apache HTTPD Server Bugs Could Lead to RCE, DoS

Don’t freak: It’s got nothing to do with Log4Shell, except it may be just as far-reaching as Log4j, given HTTPD’s tendency to tiptoe into software projects. Don’t duck at the latest mention of Apache: ...
ZDNet

CISA releases advisory on five Apache HTTP server vulnerabilities affecting Cisco products

Cisco noted that one of the vulnerabilities in the mod_proxy module of Apache HTTP Server (httpd) could allow an unauthenticated, remote attacker to make the httpd server forward requests to an ...
The Hacker News

New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare

HTTP/2 Bomb exploits HPACK and flow control; a single client can hold 32GB memory in 20 seconds, causing server outages.