🚨 HTTP/2 Bomb - Remote DoS Exploit Hits nginx, Apache, IIS, Envoy, and Cloudflare Pingora
Source: https://t.co/aw380067fE
A newly disclosed remote denial-of-service exploit dubbed "HTTP/2 Bomb" targets the default HTTP/2 configurations of the world's most widely deployed web servers, nginx, Apache httpd, Microsoft IIS, Envoy, and Cloudflare Pingora, enabling a single attacker on a home internet connection to exhaust tens of gigabytes of server memory in seconds.
The exploit chains two techniques that have individually been known to the security community for nearly a decade: an HPACK compression bomb and a Slowloris-style connection hold.
#cybersecuritynews #vulnerability
🚨 Microsoft warns two Defender vulnerabilities are being actively exploited in the wild.
https://t.co/z92odj1gF0
🔸 CVE-2026-41091 could allow attackers to gain SYSTEM privileges locally.
🔸 CVE-2026-45498 is a denial-of-service flaw impacting Defender.
CISA added both to KEV with a June 3, 2026 patch deadline.
🚨 GitHub Hacked - Internal Source Code Repositories Compromised via Employee Device
Source: https://t.co/5gc68A17Q7
GitHub has confirmed unauthorized access to its internal repositories after detecting a compromised employee device infected through a malicious Visual Studio Code extension, the company disclosed in a series of official statements on May 20, 2026.
GitHub's investigation indicates the attacker successfully exfiltrated data from GitHub-internal repositories only, with no confirmed impact on public or customer-hosted repositories at this stage.
A notorious threat actor operating under the alias TeamPCP has claimed responsibility for the breach, alleging the exfiltration of proprietary organization data and source code.
#cybersecuritynews