2 Sources
[1]
OpenAI's agent chained decade-old DoS attacks to crash web servers in seconds
The next threat your server faces may have been helped along by a bot. OpenAI's Codex agent helped uncover a remote denial-of-service (DoS) exploit that can be launched from a single machine to render vulnerable web servers inaccessible in seconds, according to security researchers at Calif.

The attack works on default HTTP/2 configurations of major web servers including nginx, Apache HTTP Server, Microsoft IIS, Envoy, and Cloudflare Pingora. As of Thursday, Microsoft IIS and Cloudflare Pingora still don't have a patch, according to the researchers, although Cloudflare disputes this finding. "Cloudflare's existing architecture and DDoS mitigations automatically detect and protect against this attack, making customers resilient to this vulnerability," a spokesperson told The Register. "No patch is needed." Microsoft did not respond to our questions.

Calif researcher Quang Luong discovered the exploit, named it HTTP/2 Bomb, and will present the full technical details of the attack at the Real World AI Security conference later this month. In the meantime, there are proof-of-concept exploit scripts on GitHub along with a warning from the AI red teaming security shop: "Please don't point these at infrastructure you don't own."

In a Tuesday blog, Luong says Codex chained two DoS attack techniques that have been known for more than a decade, the HPACK compression bomb and a Slowloris-style hold, and warns that upwards of 880,000 websites supporting HTTP/2 and running one of the vulnerable web servers may be affected. An HPACK bomb attack (tracked as CVE-2016-6581) exploits the HTTP/2 header compression algorithm (HPACK) by sending thousands of tiny messages to the server, forcing it to rapidly allocate memory and ultimately crash. The Slowloris DoS attack (CVE-2016-8740 and CVE-2016-1546) then overwhelms the server by opening legitimate connections and keeping them open as long as possible. Combining the two exhausts the server's memory and forces it offline.

"A home computer on a 100Mbps connection can render a vulnerable server inaccessible within seconds," Luong wrote. "Against Apache httpd and Envoy, a single client can consume and hold 32GB of server memory in roughly 20 seconds."

The Calif research team disclosed the issue to nginx in April, and the web server's maintainers fixed it the next day in version 1.29.8, which imports the max_headers directive from freenginx. Apache issued a fix (mod_http2 v2.0.41) the same day that Calif submitted its report, and assigned it CVE-2026-49975. "The fix commits above are public and disclose the vectors directly; any capable AI model can turn those diffs into a working exploit, which is exactly how we found that Microsoft IIS, Envoy, and Pingora are also vulnerable," the threat hunting team wrote, adding that all three have been notified.

In a Wednesday update, Calif pointed to Envoy patches "that appear to mitigate this attack," and notes that its researchers are still validating the fix to ensure it works. For Microsoft IIS and Cloudflare Pingora, the security sleuths recommend disabling HTTP/2 if possible, or enforcing a cap on the number of HTTP headers a client can send in a single request to the server.

The fact that a coding agent, not a human, discovered this attack is notable, according to Calif. "Both halves have been public for a decade," Luong wrote. "What Codex did was read the codebases, recognize that the two compose, and build the combined attack. That combination is obvious once you see it, and yet as far as we can tell no human had put it together against these servers."
[2]
OpenAI's Codex helps discover HTTP/2 Bomb DoS attack that can nuke over 30GB of RAM within seconds, knocking web servers offline before they can react
A new attack technique affects HTTP/2 configurations of major web servers.

* New DoS technique dubbed HTTP/2 Bomb
* Exploits compression and flow-control stalling
* Major web servers confirmed vulnerable

We can thank AI for a new denial-of-service (DoS) technique that can knock a server offline in mere seconds, using nothing but a single computer with a 100 Mbps connection. Earlier this week, cybersecurity researchers at Calif disclosed discovering a new DoS technique called HTTP/2 Bomb. They used OpenAI's Codex software agent to discover it, saying it combines two previously known HTTP/2 DoS methods: HPACK compression amplification, and Slowloris-style resource retention via HTTP/2 flow-control stalling.

Simply put, the attack tricks a web server into reserving large amounts of memory while sending very little data. The attacker exploits a feature in HTTP/2 that allows small requests to expand into much larger amounts of data inside the server, forcing it to allocate memory.

Proof of concept released

Normally, that memory would be released after processing the request. However, the attacker then uses a separate HTTP/2 feature to keep the connection open indefinitely. As more malicious requests arrive, memory usage grows fast, until the server slows down and ultimately crashes.

Calif says the technique works on HTTP/2 configurations of major web servers, including NGINX, Apache HTTP Server, Microsoft IIS, Envoy, and Cloudflare Pingora. According to CyberInsider, the affected products "power a significant portion of the web", suggesting that the risk is quite extensive. Some have already issued a patch, while others remain vulnerable. Keep track of your servers' configurations for incoming updates.

"A home computer on a 100Mbps connection can render a vulnerable server inaccessible within seconds. Against Apache httpd and Envoy, a single client can consume and hold 32GB of server memory in roughly 20 seconds," the researchers said.

Current defenses are powerless against HTTP/2 Bomb, it was further explained. Limits on the total decoder header size, for example, don't work, since the header values used in the attack are minuscule. Technical details will be released later this month, it was said, but Calif has already released a proof-of-concept (PoC).

Via BleepingComputer
An AI agent discovered a critical security flaw by combining two known attack methods. OpenAI Codex chained decade-old DoS attacks to create HTTP/2 Bomb, a new denial-of-service exploit that can render major web servers inaccessible within seconds using just a home computer. The attack affects nginx, Apache, Microsoft IIS, Envoy, and Cloudflare Pingora, with some vendors still working on patches.
Security researchers at Calif have disclosed a new denial-of-service exploit that marks a significant shift in how vulnerabilities are discovered. OpenAI Codex, an AI agent, identified the HTTP/2 Bomb by autonomously combining two known attack techniques that have existed for over a decade but were never chained together by human researchers [1]. The DoS attack can crash web servers in seconds, requiring only a single machine with a 100Mbps connection to render vulnerable web servers completely inaccessible [2].
Researcher Quang Luong, who worked with the AI agent to validate the findings, plans to present full technical details at the Real World AI Security conference later this month. What makes this discovery particularly notable is that both attack components, the HPACK compression bomb (CVE-2016-6581) and the Slowloris-style hold (CVE-2016-8740 and CVE-2016-1546), have been publicly documented for years, yet no human had recognized how they could be combined into a far more potent threat.
The HTTP/2 Bomb exploits default HTTP/2 configurations on major web servers including nginx, Apache HTTP Server, Microsoft IIS, Envoy, and Cloudflare Pingora [1]. The attack works by first leveraging HTTP/2 compression amplification through the HPACK compression bomb technique, which sends thousands of tiny messages that force servers to rapidly allocate memory. The Slowloris-style hold component then keeps legitimate connections open indefinitely through flow-control stalling, preventing the server from releasing the allocated resources [2].
The combined effect is devastating. Against Apache httpd and Envoy, a single client can consume and hold 32GB of server memory in roughly 20 seconds [1]. Current defenses prove ineffective because the attack uses minuscule header values that stay under existing limits on total decoder header size. Upwards of 880,000 websites supporting HTTP/2 and running one of the affected web servers may be at risk.

The disclosure timeline reveals varying response speeds across vendors. Calif disclosed the issue to nginx in April, and maintainers fixed it within 24 hours in version 1.29.8 by importing the max_headers directive from freenginx [1]. Apache issued a fix the same day Calif submitted its report, releasing mod_http2 v2.0.41 and assigning it CVE-2026-49975. Envoy has released patches that appear to mitigate the attack, though researchers continue validation efforts.

As of Thursday, Microsoft IIS and Cloudflare Pingora remained without patches, according to the researchers. However, Cloudflare disputes this characterization, stating that its existing architecture and DDoS mitigations automatically detect and protect against this attack, making no patch necessary [1]. Microsoft has not responded to inquiries. For unpatched systems, Calif recommends disabling HTTP/2 if possible or enforcing caps on the number of HTTP headers clients can send in a single request.
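The shortcoming of header-size limits that TechRadar describes above and the header-count cap recommended here can be seen side by side in the following toy decoder, an added example that is not code from Calif, The Register, TechRadar or any of the servers named. It assumes headers arrive as already-parsed (name, value) pairs rather than HPACK wire bytes, and uses an assumed fixed per-header overhead (PER_HEADER_OVERHEAD) in place of a real server's allocations.

```python
# Added example: a toy header decoder showing why a limit on total header bytes
# misses a flood of tiny headers, while a cap on the number of headers per
# request (the kind of limit a max_headers directive imposes) rejects it early.
# Assumptions: headers are already-parsed (name, value) pairs, not HPACK wire
# bytes, and PER_HEADER_OVERHEAD stands in for the fixed bookkeeping a server
# allocates for every decoded header regardless of its length.
from dataclasses import dataclass
from typing import Iterable, Optional, Tuple

PER_HEADER_OVERHEAD = 64  # assumed bytes of per-header bookkeeping (struct, list node, ...)


@dataclass
class DecodeResult:
    accepted: bool
    reason: str
    header_bytes: int  # what a "total header size" limit measures
    memory_bytes: int  # what the server actually holds while the stream stays open


def decode_headers(pairs: Iterable[Tuple[str, str]],
                   max_header_bytes: int = 8192,
                   max_headers: Optional[int] = None) -> DecodeResult:
    """Walk a header list, enforcing a byte limit and an optional count limit.

    The count check runs before anything is allocated for the offending header,
    so a flood is rejected as soon as it crosses the cap, not after it has
    already been materialised in memory.
    """
    header_bytes = memory_bytes = 0
    for count, (name, value) in enumerate(pairs, start=1):
        if max_headers is not None and count > max_headers:
            return DecodeResult(False, "too many headers", header_bytes, memory_bytes)
        header_bytes += len(name) + len(value)
        memory_bytes += len(name) + len(value) + PER_HEADER_OVERHEAD
        if header_bytes > max_header_bytes:
            return DecodeResult(False, "header bytes exceeded", header_bytes, memory_bytes)
    return DecodeResult(True, "ok", header_bytes, memory_bytes)


def tiny_header_flood(count: int):
    """Constructed input: `count` one-byte header names with empty values."""
    return [("x", "")] * count


def amplification(result: DecodeResult) -> float:
    """Bytes the server commits per byte that the size limit counted."""
    return result.memory_bytes / max(result.header_bytes, 1)


if __name__ == "__main__":
    ordinary = [(":method", "GET"), (":path", "/"), (":authority", "example.com")]
    print("ordinary request:", decode_headers(ordinary, max_headers=100))
    print("flood, byte limit only:", decode_headers(tiny_header_flood(5000)))
    print("flood, byte + count limit:", decode_headers(tiny_header_flood(5000), max_headers=100))
    print("amplification under byte limit only:", amplification(decode_headers(tiny_header_flood(5000))))
```

With the byte limit alone the 5,000-header flood is accepted at 5,000 counted bytes while the model commits 65 bytes per counted byte; with a count cap it is refused after the cap is crossed.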
The fact that an AI agent, rather than human security researchers, identified complex vulnerabilities by reading codebases and recognizing how separate techniques could compose into a novel attack raises important questions about the future of cybersecurity. "What Codex did was read the codebases, recognize that the two compose, and build the combined attack," Luong explained, noting that the combination seems obvious in hindsight yet eluded human researchers for years [1].

The research team notes that capable AI models can now turn public fix commits into working exploits by analyzing code diffs, which is precisely how they identified that Microsoft IIS, Envoy, and Pingora were also vulnerable after the initial patches were published. Calif has released proof-of-concept exploit scripts on GitHub with warnings not to target infrastructure users don't own. Organizations should monitor their HTTP/2 configurations closely and apply patches as they become available, while watching for similar AI-discovered attack chains that may emerge as these capabilities become more widespread.
Summarized by Navi