Ars Technica

HTTP/2 finished, coming to browsers within weeks

The Internet Engineering Task Force’s HTTP Working Group has finalized its work on Hypertext Transfer Protocol 2, the successor to the HTTP/1.0 and HTTP/1.1 protocols that are the core of the Web. The ...
InfoWorld

HTTP/2: A jump-start for Java developers

HTTP/2 was approved in February 2015 as the successor to the original web communication protocol. While it is in the last stages of finalization, the standard has already been implemented by early ...
Searchenginejournal.com

Googlebot Begins Crawling With HTTP/2 Protocol

Google updated their Googlebot Developers Support Page to reflect that Google is now able to try downloading pages via the latest HTTP/2 protocol. This is effective November 2020. The Googlebot ...
Ars Technica

Biggest DDoSes of all time generated by protocol 0-day in HTTP/2

In August and September, threat actors unleashed the biggest distributed denial-of-service attacks in Internet history by exploiting a previously unknown vulnerability in a key technical protocol.
Dark Reading

New HTTP Request Smuggling Attacks Target Web Browsers

BLACK HAT USA – LAS VEGAS – A security researcher who previously demonstrated how attackers can abuse weaknesses in the way websites handle HTTP requests warned that the same issues can be used in ...
TechRepublic

New DDoS Attack is Record Breaking: HTTP/2 Rapid Reset Zero-Day Reported by Google, AWS & Cloudflare

New DDoS Attack is Record Breaking: HTTP/2 Rapid Reset Zero-Day Reported by Google, AWS & Cloudflare Your email has been sent A vulnerability in the HTTP/2 network protocol is currently being ...
CSOonline

Built-in weakness in HTTP/2 protocol exploited for massive DDoS attacks

HTTP/2-enabled DDoS attacks are the largest Cloudflare and Google have seen and were launched from a relatively small botnet. Over the past two months attackers have been abusing a feature of the HTTP ...