The Hacker News

New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare

HTTP/2 Bomb exploits HPACK and flow control; a single client can hold 32GB memory in 20 seconds, causing server outages.
Bleeping Computer

Apache emergency update fixes incomplete patch for exploited bug

Apache Software Foundation has released HTTP Web Server 2.4.51 after researchers discovered that a previous security update didn't correctly fix an actively exploited vulnerability. Apache HTTP Server ...
SecurityWeek

‘HTTP/2 Bomb’ Exploit Knocks Web Servers Offline in Seconds

The HTTP/2 Bomb exploit chains two known denial-of-service (DoS) attack techniques to knock major web servers offline.

OpenAI Codex helps identify HTTP/2 vulnerability affecting major web servers

The DoS attack can strike down a web server in just a few seconds ...
Computer Weekly

Apache web server users urged to patch immediately

Users of the open source Apache HTTP Server who have updated to recently released version 2.4.49 are being urged to update to 2.4.50 immediately to apply fixes for a newly disclosed zero-day that is ...
ExtremeTech

Udemy Class Review: Complete Apache HTTP Server Course

Apache's HTTP web server is one of the most widely used web servers available today. The software is free and open-source, and it comes with a rich set of features. The Apache HTTP web server is also ...