frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

Open in hackernews

Remote DoS in a specific Litespeed environment via a single curl request

1•jflabelle•4h ago
Last month, I discovered a remote denial-of-service (DoS) vulnerability affecting Litespeed web servers in a very specific runtime environment. The exploit requires only a single malformed curl request and can crash the server instantly, no authentication or large payload required.

We took time to conduct further testing and properly document the behavior to ensure a complete and responsible disclosure. On May 8, 2025, we submitted our findings to LiteSpeed Technologies, including a way to restore the server after an attack. However, this mitigation does not prevent the vulnerability from being triggered again until a proper patch is applied.

LiteSpeed reproduced the issue within 1 hour and 34 minutes, and their engineers are currently working on a patch.

The affected configuration is rare in production but simple enough to trigger, making it noteworthy. Once the patch is released, we’ll publish the full technical breakdown, including the exact curl command.

Full article: https://reptile.tech/blog/remote-dos-specific-environment-litespeed-web-server/

An LLM-Based Parameterized Biography Generator

https://lmacfadyen.com/
1•mecredis•1m ago•0 comments

Why Catholics Are Not Christian [video]

https://cdn.christianfilms.net/Why_Catholics_Are_Not_Christian.mp4
1•callnomanfather•1m ago•0 comments

Rierino Developer Edition – Now on AWS Marketplace

https://aws.amazon.com/marketplace/pp/prodview-up2fcxku3k742
1•bozmen•1m ago•0 comments

A brief history of the standard model, our theory of almost everything (2023)

https://www.newscientist.com/article/mg25934553-600-a-brief-history-of-the-standard-model-our-theory-of-almost-everything/
1•indigodaddy•2m ago•1 comments

The Bull Case for an AI Investment Bank

https://www.fullydistributed.co/p/the-bull-case-for-an-ai-native-investment
1•eldarov•3m ago•0 comments

Fedora Linux is now an official WSL distro

https://devblogs.microsoft.com/commandline/fedora-linux-is-now-an-official-wsl-distro/
2•thunderbong•5m ago•0 comments

Consumer Watchdog Halts Google Payment Supervision

https://www.bloomberg.com/news/articles/2025-05-08/consumer-watchdog-halts-biden-era-google-payment-supervision
1•JumpCrisscross•5m ago•0 comments

Righting Integration Testing's Wrongs with PGLite

https://numeric.substack.com/p/righting-integration-testings-wrongs
1•bihla•7m ago•0 comments

Remember AI Engineers, Your Evals Are Your Product

https://blog.usetusk.ai/blog/your-evals-are-your-product
1•Marceltan•9m ago•0 comments

The Gili Ra'anan model: Questions emerging from Cyberstarts' remarkable success

https://www.calcalistech.com/ctechnews/article/b1a1jn00hc
1•gpi•10m ago•0 comments

Law Enforcement Seizes 9 DDoS-for-Hire Webpages as Part of Global Crackdown

https://www.justice.gov/usao-cdca/pr/law-enforcement-seizes-9-ddos-hire-webpages-part-global-crackdown-booter-and-stresser
2•oavioklein•10m ago•0 comments

Ask HN: Why do companies, e.g., banks, still apply a geofence?

2•whyage•12m ago•3 comments

Google is using AI to identify scammy websites on Chrome when you click on them

https://www.cnn.com/2025/05/08/tech/google-ai-preventing-scams-search-chrome
2•Bender•13m ago•1 comments

Simple Web Components Editor

https://qeditor.dev/
1•throwaway20174•14m ago•0 comments

Ivar: Ruby's Missing Instance Variable Typo Warnings

https://avdi.codes/announcing-ivar-rubys-missing-instance-variable-typo-warnings/
1•todsacerdoti•14m ago•0 comments

NBC to use AI to recreate Jim Fagan's voiceover for NBA games in homage to 1990s

https://www.nytimes.com/athletic/6335267/2025/05/06/nbc-ai-jim-fagan-nba-voice-old-school/
1•speckx•15m ago•0 comments

Meta Will Make Friends

https://www.bloomberg.com/opinion/newsletters/2025-05-08/meta-will-make-friends
1•ioblomov•16m ago•0 comments

Block Diffusion: Interpolating Autoregressive and Diffusion Language Models

https://m-arriola.com/bd3lms/
2•t55•18m ago•0 comments

Are you more likely to die on your birthday?

https://pudding.cool/2025/04/birthday-effect/
3•HypnoticOcelot•18m ago•0 comments

New framework suggests stars dissolve into neutrons to forge heavy elements

https://phys.org/news/2025-04-framework-stars-dissolve-neutrons-forge.html
2•PaulHoule•18m ago•0 comments

Sub-millimeter waveguide shrinks augmented-reality glasses

https://phys.org/news/2025-05-glass-full-millimeter-waveguide-augmented.html
2•alejohausner•18m ago•0 comments

Doge-led software revamp to speed US job cuts even as Musk steps back

https://www.reuters.com/business/world-at-work/doge-led-software-revamp-speed-us-job-cuts-even-musk-steps-back-2025-05-08/
1•rntn•20m ago•0 comments

Multimodal Late Interaction Models

https://mixpeek.com/blog/multimodal-late-interaction
2•Beefin•20m ago•0 comments

How to stay in flow while using Cursor or Windsurf

https://rehearsal.so/blog/how_to_stay_in_flow_while_using_cursor_or_windsurf
2•t55•20m ago•0 comments

Polymarket failed to predict the Pope vote

https://twitter.com/uxm1ke/status/1920530645723308267
1•wslh•21m ago•0 comments

Proba-3 achieves precise formation flying

https://www.esa.int/Enabling_Support/Space_Engineering_Technology/Proba-3_achieves_precise_formation_flying
1•eloycoto•21m ago•0 comments

Delta Air Lines class action cleared for takeoff over CrowdStrike chaos

https://www.theregister.com/2025/05/07/delta_crowdstrike_class_action/
2•Bender•21m ago•0 comments

Top 100 Greatest Rappers (All-Time)

1•Big_Josh•22m ago•0 comments

No-Parking Zone: The Perils of Finding a Spot in NYC

https://www.newyorker.com/magazine/2025/05/12/no-parking-zone-the-perils-of-finding-a-spot-in-nyc
1•fortran77•24m ago•1 comments

Simple Firefox add-on to easily copy XHR Authorization header

https://github.com/andrewarrow/xhr_auth
1•andrewfromx•29m ago•0 comments