Bleeping Computer

New CPDoS Web Cache Poisoning Attacks Impact Sites Using Popular CDNs

Details have emerged about a new class of web cache poisoning attacks that could be used to deny users access to resources delivered through a content delivery network (CDN). Named Cache-Poisoned ...
Dark Reading

CDN Cache Poisoning Allows DoS Attacks Against Cloud Apps

A Romanian vulnerability researcher has discovered more than 70 flaws in combinations of cloud applications and content delivery networks (CDNs) that could be used to poison the CDN caches and result ...
Threat Post

Vanilla Forums Open Source Software Vulnerable to RCE, Host Header Injection Vulnerability

Vanilla Forums open source software suffers from vulnerabilities that could let an attacker gain access to user accounts, carry out web-cache poisoning attacks, and in some instances, execute ...
ZDNet

CPDoS attack can poison CDNs to deliver error pages instead of legitimate sites

Two academics from the Technical University of Cologne (TH Koln) have disclosed this week a new type of web attack that can poison content delivery networks (CDNs ...
Dark Reading

Free Tool Scans Web Servers for Vulnerability to HTTP Header-Smuggling Attacks

A researcher has created a method for testing and identifying how HTTP/HTTPS headers can be abused to sneak malicious code into back-end servers. Daniel Thatcher, researcher and penetration tester at ...
Searchenginejournal.com

Google Answers Question About Core Web Vitals “Poisoning”

Someone posted details of a novel negative SEO attack that they said appeared to be a Core Web Vitals performance poisoning attack. Google’s John Mueller and Chrome’s Barry Pollard assisted in ...