New HTTP/2 'MadeYouReset' Vulnerability Enables Large-Scale DoS Attacks

Multiple HTTP/2 implementations have been found susceptible to a new attack technique called MadeYouReset that could be explored to conduct powerful denial-of-service (DoS) attacks. "MadeYouReset bypasses the typical server-imposed limit of 100 concurrent HTTP/2 requests per TCP connection from a client. This limit is intended to mitigate DoS attacks by restricting the number of simultaneous

Read more https://thehackernews.com/2025/08/new-http2-madeyoureset-vulnerability.html