HTTP/2 Protocol Exposes ‘MadeYouReset’ Vulnerability, Enabling Large-Scale DDoS Attacks

HTTP/2 Protocol Exposes 'MadeYouReset' Vulnerability, Enabling Large-Scale DDoS Attacks

Part01 Vulnerability Overview Security researchers have discovered a new type of Denial of Service (DoS) vulnerability in the implementation of the HTTP/2 protocol, named “MadeYouReset” (CVE-2025-8671). This vulnerability was publicly disclosed on August 13, 2025, marking a significant escalation in threats related to network protocols. Attackers can exploit this vulnerability to bypass built-in concurrency limits, … Read more

New HTTP/2 ‘MadeYouReset’ Vulnerability Can Trigger Large-Scale DoS Attacks

New HTTP/2 'MadeYouReset' Vulnerability Can Trigger Large-Scale DoS Attacks

A new attack technique known as MadeYouReset has been discovered, which affects various implementations of HTTP/2 and can be exploited to launch powerful denial-of-service (DoS) attacks. Researchers Gal Bar Nahum, Anat Bremler-Barr, and Yaniv Harel stated: “MadeYouReset bypasses the limits typically imposed by servers, which allow a maximum of 100 concurrent HTTP/2 requests per TCP … Read more

The Era of HTTP/2.0 Has Arrived

The Era of HTTP/2.0 Has Arrived

KS Knowledge Sharing We are now in an era of resource sharing, as well as knowledge sharing. If you find this article informative, please share the knowledge with others! A Brief History of HTTP Development Above: Connection cannot be reused Above: Set Connection: Keep-Alive to keep the connection open for a period of time. Above: … Read more

A Method for Encrypted Video Recognition Based on HTTP/2 Multiplexing Features

A Method for Encrypted Video Recognition Based on HTTP/2 Multiplexing Features

Article Title: A Method for Encrypted Video Recognition Based on HTTP/2 Multiplexing Features All Authors: Wu Hua, Luo Hao, Zhao Shishun, Liu Songtao, Cheng Guang, Hu Xiaoyan First Affiliation: Southeast University, School of Cyberspace Security Publication Date: 2025, 36(7): 3375–3404 Abstract The rise of video application platforms has enabled rapid dissemination of videos, permeating various … Read more

Using The Http2 Module In Node.js

Using The Http2 Module In Node.js

Concept <span><span>http2</span></span> is a core module in Node.js used to implement the HTTP/2 protocol. HTTP/2 is an upgraded version of HTTP/1.1, designed to improve web performance. It introduces features like multiplexing, header compression, and server push, significantly reducing latency and improving data transfer efficiency. Importance Performance Improvement: HTTP/2 allows multiple requests and responses to be … Read more

HTTP/2: Making the Web Fly

HTTP/2: Making the Web Fly

/ Today’s Tech News /Recently, the Ministry of Industry and Information Technology released the “Opinions on Innovating the Management of the Information and Communication Industry and Optimizing the Business Environment”, which mentioned accelerating the revision of the “Telecommunication Business Classification Directory”, promoting business classification and definition to better meet the development needs of new technologies … Read more

4 Ways to Test If Your Website Implements HTTP/2

4 Ways to Test If Your Website Implements HTTP/2

In the previous article, we discussed how HTTP/2 brings lower bandwidth requirements, less network overhead, and reduced server memory usage. Now, let’s test whether the websites you operate and those of your competitors have implemented HTTP/2. Here are 4 methods to test if a website is using HTTP/2 1 Geekflare Online Testing Tool Method: Open … Read more

Upgrading Your Website to HTTP/2

“ Reading this article will take about 3 minutes. ” Recently, I wanted to upgrade my website’s protocol to HTTP/2, as it was previously HTTP/1.1. Since my website loads many resources in parallel, HTTP/2 improves upon HTTP/1.1 by allowing all connections to share a single TCP connection, and there is no limit on the number … Read more

From Text to Binary: HTTP/2 Beyond Performance, Inheriting and Innovating the Core Semantics of HTTP/1

From Text to Binary: HTTP/2 Beyond Performance, Inheriting and Innovating the Core Semantics of HTTP/1

The Cloud Native Computing Foundation (CNCF) is a non-profit open-source organization focused on promoting the development and standardization of cloud-native computing. gRPC (Google Remote Procedure Call) is a high-performance, cross-language RPC framework initiated and open-sourced by Google. In 2017, Google donated the gRPC project to CNCF, making it one of the core components of the … Read more

New HTTP Smuggling Attack Technique Allows Attackers to Inject Malicious Requests

New HTTP Smuggling Attack Technique Allows Attackers to Inject Malicious Requests

Overview of Attack Principles This complex HTTP request smuggling attack exploits the differences in parsing behavior between front-end proxy servers and back-end application servers. The new technique uses malformed chunked transfer encoding to bypass existing security controls and inject unauthorized secondary requests into web applications. Key Points Exploiting malformed HTTP chunked encoding to create parsing … Read more