The HTTP/2 Bomb exploit chains two known denial-of-service (DoS) attack techniques to knock major web servers offline.

Wilmington, DE, June 04, 2026 (GLOBE NEWSWIRE) -- The Apache Software Foundation (ASF), the global home of open source software the world relies on, today announced that Apachy Livy has become a ...

We can thank AI for a new denial-of-service (DoS) technique that can knock a server offline in mere seconds, using nothing but a single computer with a 100 Mbps connection. Earlier this week, ...

Support und Foren rund um Linux, OpenSource und Freie Software. Angebote wie News, Berichte, Workshops, Tipps, Links und Kalender.

HTTP/2 Bomb exploits HPACK and flow control; a single client can hold 32GB memory in 20 seconds, causing server outages.

OpenAI Codex helped Calif, an AI red-teaming security group, expose HTTP/2 Bomb, a denial-of-service attack that combines old HTTP/2 compression and connection-holding techniques against current ...

CVE-2025-57735 exposed a critical flaw in Apache Airflow’s session management: JSON Web Tokens (JWTs) remained valid even ...

The next threat your server faces may have been helped along by a bot. OpenAI's Codex agent helped uncover a remote denial-of-service (DoS) exploit that can be launched from a single machine to render ...

DuckDB has recently announced Quack, a new remote protocol over HTTP that lets multiple DuckDB instances connect to and work ...

TL;DR: CVE-2026-49975, dubbed the “HTTP/2 Bomb,” is a critical remote Denial-of-Service (DoS) vulnerability affecting default HTTP/2 configurations of major web servers including NGINX, Apache HTTPD, ...

AI assistants, on-device models, security flaws, major breaches, and SpaceX’s record IPO plans shaped a fast-moving week in ...