738 matches found
Largest DDoS Attack to Date
It was a recently unimaginable 7.3 Tbps: The vast majority of the attack was delivered in the form of User Datagram Protocol packets. Legitimate UDP-based transmissions are used in especially time-sensitive communications, such as those for video playback, gaming applications, and DNS lookups. It...
⚡ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More
Not every risk looks like an attack. Some problems start as small glitches, strange logs, or quiet delays that don't seem urgent—until they are. What if your environment is already being tested, just not in ways you expected? Some of the most dangerous moves are hidden in plain sight. It's worth...
Massive 7.3 Tbps DDoS Attack Delivers 37.4 TB in 45 Seconds, Targeting Hosting Provider
Cloudflare on Thursday said it autonomously blocked the largest distributed denial-of-service DDoS attack ever recorded, which hit a peak of 7.3 terabits per second Tbps. The attack, which was detected in mid-May 2025, targeted an unnamed hosting provider. "Hosting providers and critical Internet...
How to Protect Your Online Presence from Devastating DDoS Attacks
Today, your internet presence is much more than just a website or social media profile, it's like your…...
CVE-2024-31992
Mealie is a self hosted recipe manager and meal planner. Prior to 1.4.0, the safescrapehtml function utilizes a user-controlled URL to issue a request to a remote server, however these requests are not rate-limited. While there are efforts to prevent DDoS by implementing a timeout on requests, it...
KrebsOnSecurity Hit with 6.3 Tbps DDoS Attack via Aisuru Botnet
KrebsOnSecurity hit and survided a record-breaking 6.3 Tbps DDoS attack linked to the Aisuru IoT botnet, but it shows the vulnerable state of IoT devices...
KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS
KrebsOnSecurity last week was hit by a near record distributed denial-of-service DDoS attack that clocked in at more than 6.3 terabits of data per second a terabit is one trillion bits of data. The brief attack appears to have been a test run for a massive new Internet of Things IoT botnet capabl...
A DDoS Attack Just Breached Your Defenses — Now What?
...
Europol Shuts Down Six DDoS-for-Hire Services Used in Global Attacks
Europol has announced the takedown of distributed denial of service DDoS-for-hire services that were used to launch thousands of cyber-attacks across the world. In connection with the operation, Polish authorities have arrested four individuals aged between 19 and 22 and the United States has...
Qrator Labs Reports Mitigating Year’s Largest DDoS Attack to Date
Qrator Labs reports it mitigated a massive record 965 Gbps DDoS attack in April 2025, the largest incident…...
Exploit for Uncontrolled Resource Consumption in Ietf Http
PoC - CVE-2023-44487: HTTP/2 Rapid Reset Attack Este reposito...
Exploit for Uncontrolled Resource Consumption in Ietf Http
PoC - CVE-2023-44487: HTTP/2 Rapid Reset Attack Este reposito...
CVE-2023-0881
Running DDoS on tcp port 22 will trigger a kernel crash. This issue is introduced by the backport of a commit regarding nftlookup without the subsequent fixes that were introduced after this commit. The resolution of this CVE introduces those commits to the linux-bluefield package...
Oracle Linux 9 : nginx:1.24 (ELSA-2025-3262)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-3262 advisory. - Resolves: RHEL-84480 - nginx:1.24/nginx: specially crafted MP4 file may cause denial of service CVE-2024-7347 - Resolves: RHEL-12737 - nginx:1.22/nginx: HTTP/...
nginx:1.22 security update
1.22.1-8.0.1.1 - Reference oracle-indexhtml within Requires Orabug: 33802044 - Remove Red Hat references Orabug: 29498217 1:1.22.1-8.1 - Resolves: RHEL-84486 - nginx:1.22/nginx: specially crafted MP4 file may cause denial of service CVE-2024-7347 1:1.22.1-8 - Resolves: RHEL-49349 - nginx worker...
CVE-2025-26604
Discord-Bot-Framework-Kernel is a Discord bot framework built with interactions.py, featuring modular extension management and secure execution. Because of the nature of arbitrary user-submited code execution, this allows user to execute potentially malicious code to perform damage or extract...
CVE-2025-26604
Discord-Bot-Framework-Kernel is a Discord bot framework built with interactions.py, featuring modular extension management and secure execution. Because of the nature of arbitrary user-submited code execution, this allows user to execute potentially malicious code to perform damage or extract...
CVE-2025-26604
Discord-Bot-Framework-Kernel is affected by CVE-2025-26604 due to an arbitrary user-submitted code execution vulnerability. A malicious module can extract the bot token and, with high privileges, allow the attacker to impersonate the bot or gain near-full control; a blocking module can also be lo...
CVE-2025-26604 Possibility to retrieve bot token by malicious module developers in Discord-Bot-Framework-Kernel
Discord-Bot-Framework-Kernel is a Discord bot framework built with interactions.py, featuring modular extension management and secure execution. Because of the nature of arbitrary user-submited code execution, this allows user to execute potentially malicious code to perform damage or extract...
CVE-2022-1699
Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications...