frontpage.

Last month, I discovered a remote denial-of-service (DoS) vulnerability affecting Litespeed web servers in a very specific runtime environment. The exploit requires only a single malformed curl request and can crash the server instantly, no authentication or large payload required.

We took time to conduct further testing and properly document the behavior to ensure a complete and responsible disclosure. On May 8, 2025, we submitted our findings to LiteSpeed Technologies, including a way to restore the server after an attack. However, this mitigation does not prevent the vulnerability from being triggered again until a proper patch is applied.

LiteSpeed reproduced the issue within 1 hour and 34 minutes, and their engineers are currently working on a patch.

The affected configuration is rare in production but simple enough to trigger, making it noteworthy. Once the patch is released, we’ll publish the full technical breakdown, including the exact curl command.

Full article: https://reptile.tech/blog/remote-dos-specific-environment-litespeed-web-server/

It's time for the world to boycott the US

Show HN: Semantic Search for terminal commands in the Browser (No Back end)

The AI CEO Experiment

Speed up responses with fast mode

MS-DOS game copy protection and cracks

Updates on GNU/Hurd progress [video]

Epstein took a photo of his 2015 dinner with Zuckerberg and Musk

MyFlames: Visualize MySQL query execution plans as interactive FlameGraphs

Show HN: LLM of Babel

A modern iperf3 alternative with a live TUI, multi-client server, QUIC support

Famfamfam Silk icons – also with CSS spritesheet

Apple is the only Big Tech company whose capex declined last quarter

Reverse-Engineering Raiders of the Lost Ark for the Atari 2600

Show HN: Deterministic NDJSON audit logs – v1.2 update (structural gaps)

The Greater Copenhagen Region could be your friend's next career move

Do Not Confirm – Fiction by OpenClaw

The Analytical Profile of Peas

Hallucinations in GPT5 – Can models say "I don't know" (June 2025)

What AI is good for, according to developers

OpenAI might pivot to the "most addictive digital friend" or face extinction

Show HN: Know how your SaaS is doing in 30 seconds

ClawdBot Ordered Me Lunch

What the News media thinks about your Indian stock investments

Running Lua on a tiny console from 2001

Google and Microsoft Paying Creators $500K+ to Promote AI Tools

New filtration technology could be game-changer in removal of PFAS

Show HN: I saw this cool navigation reveal, so I made a simple HTML+CSS version

Kinda Surprised by Seadance2's Moderation

I Write Games in C (yes, C)

Django scales. Stop blaming the framework (part 1 of 3)