The Hacker News

New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare

HTTP/2 Bomb exploits HPACK and flow control; a single client can hold 32GB memory in 20 seconds, causing server outages.
ZDNet

Apache's new security update for HTTP Server fixes two flaws

The Apache Software Foundation has released an update to address a critical flaw in its hugely popular web server that allows remote attackers to take control of a vulnerable system. The first Apache ...

OpenAI Codex helps identify HTTP/2 vulnerability affecting major web servers

The DoS attack can strike down a web server in just a few seconds ...
Yahoo Finance

The Apache® Software Foundation Announces New Top-Level Project

Wilmington, DE, June 04, 2026 (GLOBE NEWSWIRE) -- The Apache Software Foundation (ASF), the global home of open source software the world relies on, today announced that Apachy Livy has become a ...