|
|
| FortiGuard Labs | FortiGuard Center - Outbreak Alerts |
HTTP/2 Bomb Denial-of-Service Vulnerability
Security researchers have disclosed a new denial-of-service (DoS) attack technique dubbed HTTP/2 Bomb, tracked as CVE-2026-49975, that affects multiple major HTTP/2 server implementations.
Unlike traditional volumetric DDoS attacks, HTTP/2 Bomb does not require a large botnet. Researchers demonstrated that a single attacker operating from a modest internet connection can generate sufficient resource exhaustion to disrupt vulnerable servers. |
Palo Alto Networks PAN-OS GlobalProtect Auth Bypass
Attackers are actively exploiting a PAN-OS GlobalProtect authentication bypass vulnerability to gain unauthorized VPN access to exposed Palo Alto Networks firewalls. An attacker who successfully exploits CVE-2026-0257 can:
- Establish unauthorized VPN sessions through affected GlobalProtect gateways.
- Bypass authentication controls without valid user credentials.
- Gain network-level access typically reserved for authenticated VPN users.
- Potentially facilitate further reconnaissance, lateral movement, or follow-on attacks within the victim environment. |
Citrix NetScaler Memory Overread Vulnerability
Exploitation activity targeting vulnerable Citrix NetScaler ADC and Gateway appliances remains persistent and widespread, with FortiGuard Labs telemetry continuously observing attack attempts from global sources probing exposed NetScaler SAML endpoints for vulnerable configurations.
Analysis from FortiGuard IPS sensors shows sustained targeting of internet-facing NetScaler deployments configured as SAML Identity Providers (IdP). Attackers continue using malformed authentication requests to exploit the memory overread condition associated with CVE-2026-3055, potentially exposing sensitive session data, authentication tokens, and credential material. |
| | Distributed by aarss.com. |
|
|
|
|
About Joe's Cable.
Established in 1995, Joe's Cable has ran over 100,000
feet of cable for small, medium, and large businesses, and residential
clients located in New Jersey, New York, and Pennsylvania.With
Technicians Certified in Network Systems Administration, PC Repair, and
Microsoft Certifications, Joe's Cable has become one of the leaders of
trust when it comes to our clients networks, and any PC related issues.
Joe's Cable has a vast amount of suppliers always giving our clients
the best prices on Surveillance Equipment, Computers and Upgrades,
Telephone Equipment, and of course Cabling and Supplies.
Call Joe's Cable to "Get Hooked Up" |
|