‘HTTP/2 Bomb’ Exploit Knocks Web Servers Offline in Seconds
The default HTTP/2 configuration of major web servers is vulnerable to an attack chain combining a compression bomb and a Slowloris-style hold. The post ‘HTTP/2 Bomb’ Exploit Knocks Web Se