Hosted on MSN

An Apache HTTP server flaw lets attackers crash — or take over — millions of web servers with a single HTTP/2 request

A single malformed web request is all it takes. On May 4, 2026, the Apache Software Foundation quietly filed a vulnerability report with the National Vulnerability Database disclosing a critical flaw ...
ZDNet

Apache's new security update for HTTP Server fixes two flaws

The Apache Software Foundation has released an update to address a critical flaw in its hugely popular web server that allows remote attackers to take control of a vulnerable system. The first Apache ...
Bleeping Computer

Apache emergency update fixes incomplete patch for exploited bug

Apache Software Foundation has released HTTP Web Server 2.4.51 after researchers discovered that a previous security update didn't correctly fix an actively exploited vulnerability. Apache HTTP Server ...
Bleeping Computer

Apache fixes actively exploited zero-day vulnerability, patch now

The Apache Software Foundation has released version 2.4.50 of the HTTP Web Server to address two vulnerabilities, one of which is an actively exploited path traversal and file disclosure flaw. The ...