A new denial-of-service (DoS) attack dubbed HTTP/2 Bomb can be launched from a single machine to take down web servers within seconds. […]
Tag: denialofservice
AI, APAC, Cybersecurity, Exploits, Global Security News
New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare
Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers, including NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora. The vulnerability has been codenamed HTTP/2 Bomb by Calif. “The vulnerable behavior exists in each server’s default HTTP/2 configuration,” the company said, adding it was discovered by OpenAI Codex by chaining
Global Security News
US and Canada arrest and charge suspected Kimwolf botnet admin
U.S. and Canadian authorities arrested and charged a Canadian man with operating the KimWolf distributed denial-of-service (DDoS) botnet, which infected nearly two million devices worldwide. […]
AI, Exploits, Global Security News
Microsoft Warns of Two Actively Exploited Defender Vulnerabilities
Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation in the wild. The former, tracked as CVE-2026-41091, is rated 7.8 on the CVSS scoring system. Successful exploitation of the flaw could allow an attacker to gain SYSTEM privileges. “Improper link resolution before file access (‘link following’)…
Global Security News, Network Security
New Cisco DoS flaw requires manual reboot to revive devices
Cisco patched a Crosswork Network Controller and Network Services Orchestrator denial-of-service vulnerability that requires manually rebooting targeted systems for recovery. […]
AI, Apps, Data Breaches, Global Security News, Government & Policy, Network Security, Risk Management
Canonical Hit by Sustained DDoS Attack, Disrupting Ubuntu Services Worldwide
Canonical’s web infrastructure was knocked offline by a distributed denial-of-service (DDoS) attack, disrupting core Ubuntu services relied on by developers and security teams globally. “A direct extortion message sent to the Ubuntu team by the hacktivist group ‘The Islamic Cyber Resistance in Iraq – 313 Tea,’ has been detected,” said VECERT Analyzer in their X…
AI, Data Breaches, Global Security News, malware, Network Security
Anti-DDoS Firm Heaped Attacks on Brazilian ISPs
A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm’s chief executive says the malicious activity resulted from a security breach and was likely the work…
Global Security News
Operation PowerOFF identifies 75k DDoS users, takes down 53 domains
The latest wave of “Operation PowerOFF,” on April 13, 2026, targeted the distributed denial-of-service (DDoS) ecosystem and its users across 21 countries. […]
AI, Exploits, Global Security News, Government & Policy, malware, Risk Management
5-month-old F5 BIG-IP DoS bug becomes critical RCE exploited in the wild
A vulnerability misclassified five months ago as a denial-of-service issue in F5 BIG-IP Access Policy Manager (APM) turned out to be a critical pre-authentication remote code execution flaw that is now under active exploitation. Hackers are using it to deploy a persistent malware program that runs with root privileges. The CVE-2025-53521 vulnerability was first disclosed…
Global Security News
Fortinet BIG-IP Vulnerability Reclassified as RCE, Under Exploitation
CVE-2025-53521 was initially disclosed in October as a high-severity denial-of-service (DoS) flaw, but new information has revealed the bug is actually much more dangerous.
Exploits, Global Security News
Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now
F5 has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw, warning that attackers are exploiting it to deploy webshells on unpatched devices. […]
AI, Global Security News
AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack
The distributed denial-of-service (DDoS) botnet known as AISURU/Kimwolf has been attributed to a record-setting attack that peaked at 31.4 Terabits per second (Tbps) and lasted only 35 seconds. Cloudflare, which automatically detected and mitigated the activity, said it’s part of a growing number of hyper-volumetric HTTP DDoS attacks mounted by the botnet in the fourth…