TechJun 4, 202617 minHTTP/2 Bomb: 5,700x Envoy, 4,000x Apache amplification via HPACK + flow control100Mbps to 32GB via HPACK + flow control stall. Envoy 5,700:1, Apache 4,000:1. Patch status: nginx 1.29.8, mod_h2 v2.0.41, Envoy 1.35–1.38, IIS/Pingora unpatched.SecurityCVEnginxApacheVulnerability
TechApr 17, 20268 minApache ActiveMQ Jolokia API RCE CVE-2026-34197 Added to CISA KEV, April 30 Deadline for Federal AgenciesCVE-2026-34197 (CVSS 8.8), an RCE in Apache ActiveMQ Classic that lurked for 13 years, was added to the CISA KEV catalog. Authenticated attackers can achieve remote code execution via the Jolokia API. Affects versions below 5.19.4 and 6.0.0–6.2.2.SecurityApacheActiveMQCVECISARCEJava
TechDec 10, 20253 min[Docker] Recreating Shared Hosting Development Environments in 2025 - Sakura and Lolipop EditionHow to build a Docker-based development environment that reproduces the shared hosting setups used by Sakura Internet and Lolipop.DockerPHPApacheSakura InternetLolipopShared Hosting