ddos

HTTP/2 Bomb — Remote DoS Exploit Hits Nginx, Apache, IIS, Envoy, and Cloudflare Pingora

A newly disclosed remote denial-of-service (DoS) exploit called “HTTP/2 Bomb” targets default HTTP/2 configurations in widely used web servers including nginx, Apache httpd, Microsoft IIS, Envoy, and Cloudflare Pingora, allowing an attacker to exhaust tens of gigabytes of server memory within seconds. The exploit combines an HPACK compression bomb with a Slowloris-style connection hold to amplify memory usage, leading to significant server resource exhaustion; patches and mitigations have been released for some servers, while others require disabling HTTP/2 or proxying to mitigate risk.

https://cybersecuritynews.com/http-2-bomb-remote-dos-exploit/

How Developers Used Claude Code to Stop a Live DDoS Attack

BridgeMind’s API was targeted by a large-scale Distributed Denial of Service (DDoS) attack, which flooded it with millions of requests and caused service disruption. The team used Claude Code, an AI-based tool, to quickly analyze traffic and update AWS firewall rules to block the attack, then transitioned to Cloudflare’s edge protection and Pro Plan for more effective, cost-efficient long-term defense. This incident highlighted both the advantages of AI in detecting cyber threats and the evolving sophistication of attacks, underscoring the need for proactive, scalable cybersecurity strategies.

https://www.geeky-gadgets.com/claude-code-stops-ddos-attack/

Some Ubuntu Services Are Still Down Following Outages After DDoS Attack

Some Ubuntu services experienced outages for nearly a full day following a sustained Distributed Denial of Service (DDoS) attack that disrupted installs, updates, and Canonical’s web infrastructure. The attack was claimed by an Iraqi hacktivist group called The Islamic Cyber Resistance in Iraq 313 Team, which reportedly used a booter service named Beamed to launch the attack.

https://www.techradar.com/pro/security/some-ubuntu-services-are-still-down-following-outages-after-ddos-attack

DDoS Cyber Attack Makes eBay Lose $200m Per Day

A large-scale Distributed Denial of Service (DDoS) attack disrupted eBay's operations for 42 to 48 hours, causing an estimated loss of $200 million per day in transactions. The pro-activist group 313 Team claimed responsibility, highlighting the significant financial and reputational damage such cyberattacks can inflict on major online platforms.

https://www.cybersecurity-insiders.com/ddos-cyber-attack-makes-ebay-lose-200m-per-day/

“Hackers Can Now Launch Massive 2Tbps Attacks”: Report Reveals Staggering 10x Growth in Botnet Size with Record-Breaking DDoS Incidents Peaking for 40 Minutes as Multi-Vector Attacks Grow in Complexity and Become Harder to Dismantle

Security researchers report a massive 10-fold growth in the size of the largest botnet, which expanded from 1.33 million to 13.5 million infected devices within a year, enabling hackers to launch unprecedented sustained DDoS attacks exceeding 2 Tbps and lasting over 40 minutes. These increasingly complex multi-vector attacks, often commanded via blockchain-based systems, pose greater challenges for mitigation as traffic now originates worldwide, rendering traditional defenses less effective.

https://www.techradar.com/pro/hackers-can-now-launch-massive-2tbps-attacks-report-reveals-staggering-10x-growth-in-botnet-size-with-record-breaking-ddos-incidents-peaking-for-40-minutes-as-multi-vector-attacks-grow-in-complexity-and-become-harder-to-dismantle

The Volunteer DDoS: Why AI Security Tools Are Breaking the Infrastructure They’re Meant to Protect

The article discusses how AI security tools, designed to identify vulnerabilities rapidly, are overwhelming open source software maintainers with excessive, low-quality reports, creating a “volunteer DDoS” effect that hinders real security work. It highlights the need for improved governance and trust frameworks—like those developed by the OpenSSF, including SAFE-MCP, OSS-CRS, and OMS—to filter AI findings, verify model provenance, enforce scoped permissions, and maintain human review, emphasizing that existing community-driven governance structures are crucial to managing AI-driven security challenges effectively.

https://hackernoon.com/the-volunteer-ddos-why-ai-security-tools-are-breaking-the-infrastructure-theyre-meant-to-protect

European Police Email 75,000 People Asking Them to Stop DDoS Attacks

Europol and global law enforcement agencies have launched Operation PowerOFF, sending warning emails to over 75,000 individuals suspected of using DDoS-for-hire services that enable cyberattacks without technical skills. The operation resulted in four arrests, seizure of 53 domains, and 24 executed search warrants, targeting the disruption caused by these easily accessible cyberattacks.

https://techcrunch.com/2026/04/16/european-police-email-75000-people-asking-them-to-stop-ddos-attacks/

Global Crackdown Dismantles 4 Botnets Behind Major DDoS Attacks

International law enforcement agencies, including the US DOJ and FBI, have successfully dismantled the Aisuru, KimWolf, JackSkid, and Mossad botnets, which hijacked over three million IoT devices to execute large-scale DDoS attacks. This coordinated operation involved seizing domains and servers to disrupt these networks responsible for record-breaking cyberattacks, highlighting the significant threat posed by cybercriminals exploiting everyday devices worldwide.

https://hackread.com/crackdown-dismantles-4-botnets-ddos-attacks/

Law Enforcement Shuts Down Botnet Made of Tens of Thousands of Hacked Routers

Global law enforcement shut down the SocksEscort botnet, compromising 369,000 routers, facilitating crimes like bank hacks and fraudulent claims, costing millions. The criminal service offered proxy access to hacked devices. The botnet posed significant threats, with many victims in the US and UK.

https://techcrunch.com/2026/03/12/law-enforcement-shuts-down-botnet-made-of-tens-of-thousands-of-hacked-routers/

Link11 Releases European Cyber Report 2026: DDoS Attacks Become a Constant Threat

DDoS attacks surged in 2025, with a 75% increase, becoming a constant threat to digital infrastructures in Europe. Attacks lasted up to 12,388 minutes, and follow-up incidents increased by 80%. Link11 recommends continuous DDoS protection, advanced web application security, and AI-based detection for resilience against evolving threats.

https://markets.businessinsider.com/news/currencies/link11-releases-european-cyber-report-2026-ddos-attacks-become-a-constant-threat-1035885265

Dramatic Escalation Frequency and Power of in DDoS Attacks

Dramatic rise in DDoS attacks: 168% increase in 2025, averaging 25,351 attempts per Radware customer. Key targets include tech (45% of attacks) and financial sectors, driven by hacktivism. Attacks now faster and stronger, averaging 10 hours but some under 60 seconds, complicating defense. Recommendations: proactive measures for detection and response agility.

https://www.infosecurity-magazine.com/news/ddos-escalation-frequency-power/

Wikipedia Blacklists Archive.today, Starts Removing 695,000 Archive Links

The English-language edition of Wikipedia is blacklisting Archive.today after discovering the site altered webpage snapshots to insert the name of a targeted blogger. This alteration, along with the site’s use in a DDoS attack, led to a consensus among Wikipedia editors to remove all links to Archive.today. The decision was influenced by concerns over the site’s reliability and the potential security risks it poses to users.

https://arstechnica.com/tech-policy/2026/02/wikipedia-bans-archive-today-after-site-executed-ddos-and-altered-web-captures/

Kimwolf Botnet Swamps Anonymity Network I2P

Kimwolf botnet disrupts I2P, an anonymity network, by overwhelming it with infected devices. Emerged in late 2025, it turns IoT devices into relays for DDoS attacks. Users reported connectivity issues as Kimwolf attempted to escape detection by taking over I2P nodes. This “Sybil attack” compromised the network's integrity, reducing its capacity. Experts believe Kimwolf's operators are experimenting with I2P for stability amid takedown attempts, though botnet numbers are declining due to internal issues and errors.

https://krebsonsecurity.com/2026/02/kimwolf-botnet-swamps-anonymity-network-i2p/

Italy and Germany Under DDoS Assault: Weekly DDoS Threat Intelligence Analysis

SOCRadar reports a DDoS campaign by the pro-Russian group NoName057(16) targeting Italy and Germany from February 2-8, 2026. It involved 8,101 attacks on 160 domains across multiple sectors, focusing heavily on government infrastructure, sports organizations, and critical services. Italy (42.9%) and Germany (29.5%) were primary targets, demonstrating a shift to geographically diverse attacks against NATO members. Attack methods included HTTP floods and TCP SYN floods, primarily hitting port 443 (HTTPS). This reflects a coordinated strategy aligning with geopolitical contexts.

https://socradar.io/blog/italy-germany-under-ddos-9-feb26/

A Rise in Hacktivist Attacks Puts All Web Applications at Risk, Warns UK’s NCSC

UK's NCSC warns of rising pro-Russia hacktivist DDoS attacks threatening web applications. These attacks disrupt services, erode trust, and may target sensitive data. Organizations must enhance web application security to protect against DDoS and other threats, ensuring operational resilience. Barracuda offers multilayered protection, including real-time threat intelligence, to safeguard digital services.

https://blog.barracuda.com/2026/02/06/hacktivist-attacks-web-applications-risk-ncsc

Scroll to Top