Security Boulevard

Imperva Customers Protected Against CVE-2026-49975 (HTTP/2 Bomb) DoS

TL;DR: CVE-2026-49975, dubbed the “HTTP/2 Bomb,” is a critical remote Denial-of-Service (DoS) vulnerability affecting default HTTP/2 configurations of major web servers including NGINX, Apache HTTPD, ...
heise online

NGINX Controller for Kubernetes: Kubernetes cluster can be compromised

Cloud environments that use Ingress NGINX Controller for Kubernetes are vulnerable. Security researchers from Wiz warn of thousands of publicly accessible instances from large companies via the ...