Morning Overview on MSN

The Fortinet hole, rated 9.1, lets an unauthenticated attacker run commands through a single crafted request, and a full patch is still pending

Organizations running Fortinet FortiWeb, the company’s web application firewall, face an immediate threat: a single crafted ...
winbuzzer.com

OpenAI Codex Helps Expose Decades Old HTTP/2 Bomb Server Attack

OpenAI Codex helped Calif, an AI red-teaming security group, expose HTTP/2 Bomb, a denial-of-service attack that combines old HTTP/2 compression and connection-holding techniques against current ...

OpenAI Codex helps identify HTTP/2 vulnerability affecting major web servers

The DoS attack can strike down a web server in just a few seconds ...
CSOonline

HTTP/2’s speed abused to slow webserver performance in DoS attack

Security researchers are warning of an issue with the default HTTP/2 configuration used by major web servers which reportedly survived more than a decade of human review before showing up in ...