ADVERTISEMENT

24M websites vulnerable to complete takeover due to backend reliance on flawed HTTP/1.1

Millions of websites appear to use modern secure protocols, but under the hood, they’re actually downgrading requests to the old HTTP/1.1 somewhere in the proxy chain. Hackers can completely take over these websites due to inherent technology flaws, security researchers warn.

http protocol flaw

Image by Cybernews.

Ernestas Naprys
Ernestas Naprys Senior Journalist
Aug 13, 2025 Updated: 13 August 2025 3 min read
desync-attack-concept
Desync attack concept. Image by PortSwigger.
ADVERTISEMENT

How do HTTP desync attacks work?

Gintaras Radauskas Konstancija Gasaityte Jurgita Lapienyte vilius
Be the first to know and get our latest stories on Google News
Add us as your Preferred Source on Google.
ADVERTISEMENT