The Hacker News

New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare

HTTP/2 Bomb exploits HPACK and flow control; a single client can hold 32GB memory in 20 seconds, causing server outages.
Tech Xplore on MSN

Real-time X-ray compression shrinks file size by 8,000 times

Researchers led by Takaki Hatsui at the RIKEN SPring-8 Center (RSC) in Japan and collaborators have developed a new approach ...
InfoQ

Why Vector Search Alone Isn't Enough: Hybrid Retrieval for RAG

In this article, author Aaditya Chauhan discusses the limitations of RAG pipelines based purely on vector search and how an ...
CSOonline

HTTP/2’s speed abused to slow webserver performance in DoS attack

Security researchers are warning of an issue with the default HTTP/2 configuration used by major web servers which reportedly survived more than a decade of human review before showing up in ...
Opinion
HackadayOpinion

This Week In Security: Messing With AI, 7Zip And Notepad++ Vulnerabilities, HTTP2 Bomb, And More

With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...
winbuzzer.com

OpenAI Codex Helps Expose Decades Old HTTP/2 Bomb Server Attack

OpenAI Codex helped Calif, an AI red-teaming security group, expose HTTP/2 Bomb, a denial-of-service attack that combines old HTTP/2 compression and connection-holding techniques against current ...