ZDNet

HAProxy urges users to update after HTTP request smuggling vulnerability found

Users of HAProxy 2.0 and later versions are being urged to push through updates after a vulnerability was found that could allow "an attacker to bypass the check for a duplicate HTTP Content-Length ...
Dark Reading

h2c Smuggling: A New 'Devastating' Kind of HTTP Request

A new type of hack that piggybacks malicious Web requests alongside legitimate ones could be used to create a broad range of havoc in an organization, a report from cybersecurity company Bishop Fox ...
Dark Reading

New HTTP Request Smuggling Attacks Target Web Browsers

BLACK HAT USA – LAS VEGAS – A security researcher who previously demonstrated how attackers can abuse weaknesses in the way websites handle HTTP requests warned that the same issues can be used in ...