Dark Reading

New HTTP Request Smuggling Attacks Target Web Browsers

BLACK HAT USA – LAS VEGAS – A security researcher who previously demonstrated how attackers can abuse weaknesses in the way websites handle HTTP requests warned that the same issues can be used in ...
Arabian Post

Pingora proxy flaws raise cache poisoning risks: Cloudflare

Security vulnerabilities discovered in the open-source Pingora framework have triggered renewed scrutiny of infrastructure software used to route vast volumes of internet traffic, after researchers ...
Dark Reading

Why Should I Care About HTTP Request Smuggling?

Question: What is HTTP request smuggling, what are the risks, and how does server configuration impact the severity? Asaf Karas, CTO, JFrog Security: HTTP request smuggling is a type of vulnerability ...
ZDNet

HAProxy urges users to update after HTTP request smuggling vulnerability found

Users of HAProxy 2.0 and later versions are being urged to push through updates after a vulnerability was found that could allow "an attacker to bypass the check for a duplicate HTTP Content-Length ...
CSOonline

Major SAP vulnerability requires urgent patch to prevent HTTP request smuggling attacks

Exploitation possible via simple HTTP request In a report, Onapsis stated that the vulnerability can be exploited via an attack known as HTTP request smuggling, which can be used to steal credentials ...