InfoSecBulletin Cybersecurity for mankind
A new technique for launching distributed denial of service (DDoS) attacks has been discovered. It is identified as CVE-2023-44487 and has a high severity rating of 7.5. In addition, this vulnerability has been known to be actively exploited by threat actors in the wild.
Samsung phone is saving your passwords in plain text
UK Software Firm Exposed 8 million of Healthcare Worker Records
GitHub Enterprise Server Vulns Expose Risk of Code Execution
CVE-2025-2492
ASUS warns of critical auth bypass flaw in routers
16,000+ Fortinet devices compromised with symlink backdoor, Mostly in Asia
Patch now! Critical Erlang/OTP SSH Vuln Allows UCE
CISA warns of increasing risk tied to Oracle legacy Cloud leak
CVE-2025-20236
Cisco Patches Unauthenticated RCE Flaw in Webex App
Apple released emergency security updates for 2 zero-day vulns
Oracle Released Patched for 378 flaws for April 2025
CVE-2023-44487: HTTP/2 Rapid Reset
A threat actor could exploit this vulnerability by leveraging an HTTP/2 weakness, causing a Distributed Denial of Service on vulnerable Cisco devices.
HTTP/2 rapid reset is a type of attack that uses the efficiency of the HTTP/2 protocol to launch a DDoS attack.
A threat actor can make the client open many simultaneous streams on one TCP connection, with each stream corresponding to an HTTP request.
Click here to read the full article.
BD CIRT published CVE of f5, Apache, Juniper, Citrix and Atlassian
