Latest news
Vulnerability
HTTP/2 Bomb: Single-Attacker Remote DoS Exploit Hits nginx, Apache, IIS, Envoy, and Cloudflare Pingora
8 June 2026 dark6
A newly disclosed exploit called the 'HTTP/2 Bomb' can exhaust tens of gigabytes of server memory in seconds using just...
Vulnerability
Critical Apache HTTP Server 2.4.67 Patches RCE Flaw CVE-2026-23918 — Upgrade All Servers Immediately
5 May 2026 dark6
Apache has released HTTP Server 2.4.67, patching five vulnerabilities including a critical double-free bug CVE-2026-23918 (CVSS 8.8) in the HTTP/2...