#Denial of Service
7 stories taggedDenial of Service.

CISA Orders Federal Agencies to Patch Palo Alto Firewall Flaw Being Exploited Now
A misconfigured URL filtering setting in Palo Alto Networks firewall software is letting attackers weaponise the firewalls themselves — turning them into unwitting cannons pointed at other targets.

Citrix Patches Six NetScaler Flaws, Including HTTP/2 Bomb DoS and a CitrixBleed Echo
Citrix is pushing customers to patch NetScaler after disclosing six vulnerabilities — among them a denial-of-service vector exploiting HTTP/2 frame handling and a high-severity information disclosure bug drawing uncomfortable comparisons to last year's CitrixBleed.

Poisoned Documents Can Freeze AI Agent Guardrails Dead in Their Tracks
Researchers found that a single malicious input can trap reasoning-based safety systems in extended thinking loops, slowing LangGraph deployments by 148x and starving co-located agents of resources.

CISA Flags SolarWinds Serv-U DoS Bug as Actively Exploited
CVE-2026-28318 crashes the file transfer service. Federal agencies get the usual three-week patch window.

HTTP/2 Bomb: A Decade-Old Compression Trick Finally Gets a CVE
A chained HPACK attack lets small packets force runaway memory allocation on nginx, Apache, IIS, Envoy, and Cloudflare's Pingora. Patches are partial. Exposure is wide.

HTTP/2 Default Configs Leave Web Servers Open to Compression-Bomb, Slowloris Combo Attack
A chained exploit targeting HTTP/2's default settings can take servers offline in seconds — no patch issued yet for the underlying configuration exposure.

HTTP/2 Bomb: Default Configs in NGINX, Apache, IIS, Envoy and Pingora Open Door to Remote DoS
A chained protocol abuse discovered by OpenAI Codex and disclosed by Calif knocks over five of the most widely deployed web servers in their out-of-the-box state.