The Hacker News

New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare

HTTP/2 Bomb exploits HPACK and flow control; a single client can hold 32GB memory in 20 seconds, causing server outages.
Dark Reading

Critical 'IngressNightmare' Vulns Imperil Kubernetes Environments

The maintainers of Kubernetes have released patches for four critical vulnerabilities in the Ingress NGINX Controller, affecting 6,500, or 41%, of all Internet-facing container orchestration clusters, ...