Researcher Demonstrates 4 New Variants of HTTP Request Smuggling Attack August 5, 2020 https://thehackernews.com/2020/08/http-request-smuggling.html
AWS launches open source tool to protect against HTTP request smuggling attacks HTTP Desync Guardian released to help prevent user accounts from being hijacked August 18, 2020 https://portswigger.net/daily-swig/...rotect-against-http-request-smuggling-attacks
HTTP request smuggling: HTTP/2 opens a new attack tunnel Technique dubbed ‘h2c smuggling’ takes advantage of HTTP/1.1 upgrades to bypass proxy access controls September 9, 2020 https://portswigger.net/daily-swig/http-request-smuggling-http-2-opens-a-new-attack-tunnel h2c Smuggling: Request Smuggling Via HTTP/2 Cleartext (h2c)
HTTP/2 Implementation Errors Exposing Websites to Serious Risks August 6, 2021 https://www.darkreading.com/applica...ion-errors-exposing-websites-to-serious-risks
HTTP Request Smuggling in Web Proxies Vulnerability Note VU#357312 August 6, 2021 (Updated: August 9, 2021) https://kb.cert.org/vuls/id/357312
New differential fuzzing tool reveals novel HTTP request smuggling techniques White paper systematically examines the attack while showcasing a ‘laundry list’ of new flaws November 25, 2021