'MadeYouReset' HTTP/2 flaw lets attackers DoS servers

Threat Score:
59
Theregister
15 hours ago
'MadeYouReset' HTTP/2 flaw lets attackers DoS servers

Overview

Research 'MadeYouReset' HTTP/2 flaw lets attackers DoS servers Researchers had to notify over 100 vendors of flaw that builds on 2023's Rapid Reset with neat twist past usual mitigations Security researchers Gal Bar Nahum, Anat Bremler-Barr, and Yaniv Harel have published details of a "common design flaw" in implementations of the HyperText Transfer Protocol 2 (HTTP/2) allowing those with ill intent to create "massive Denial of Service attacks". And, being the underpinnings of the modern web, HT...

Related Articles

5 articles
4

Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution

The Hacker News 2 hours ago

Cisco has released security updates to address a maximum-severity security flaw in Secure Firewall Management Center (FMC) Software that could allow an attacker to execute arbitrary code on affected systems. The vulnerability, assigned the CVE identifierCVE-2025-20265(CVSS score: 10.0), affects the RADIUS subsystem implementation that could permit an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device. The networking equipment major said the issue

Score
82
Read more
5

CVE-2025-8088 – WinRAR 0-Day Path Traversal Vulnerability Exploited to Execute Malware

Cybersecurity News 2 hours ago

A zero-day vulnerability in WinRAR allows malware to be deployed on unsuspecting users’ systems, highlighting the ongoing threats to popular software. Tracked as CVE-2025-8088, this path traversal flaw affects the Windows version of the widely used file archiving tool, enabling attackers to execute arbitrary code through specially crafted archives. The vulnerability, discovered in mid-July 2025, […]

Score
81
Read more