Microsoft

Understanding CVE-2025-55315: What CISOs, security engineers, and sysadmins should know

On October 14, 2025, Microsoft released a security update addressing CVE-2025-55315, a vulnerability in ASP.NET Core that allows HTTP request smuggling. While request smuggling is a known technique, ...
GitHub

jixiaoyong/flutter_ali_http_dns

┌──────────────────────────────────────────────────────� ...
GitHub

[http] Requests fail with SocketException when flutter app goes in to background

package:http type-bugIncorrect behavior (everything from a crash to more subtle misbehavior)Incorrect behavior (everything from a crash to more subtle misbehavior) I configured the authentication ...
The Hacker News

New HTTP/2 'MadeYouReset' Vulnerability Enables Large-Scale DoS Attacks

Multiple HTTP/2 implementations have been found susceptible to a new attack technique called MadeYouReset that could be explored to conduct powerful denial-of-service (DoS) attacks. "MadeYouReset ...
SecurityWeek

New HTTP Request Smuggling Attacks Impacted CDNs, Major Orgs, Millions of Websites

A desync attack method leveraging HTTP/1.1 vulnerabilities impacted many websites and earned researchers more than $200,000 in bug bounties. New variants of the HTTP request smuggling attack method ...
Microsoft

Microsoft Response to Distributed Denial of Service (DDoS) Attacks against HTTP/2

Beginning in September 2023, Microsoft was notified by industry partners about a newly identified Distributed Denial-of-Service (DDoS) attack technique being used in the wild targeting HTTP/2 protocol ...