Nearly 50% of all websites currently use the HTTP/2 (H2) protocol, which was introduced in 2015 as a faster and simpler alternative to HTTP/1.1. Security researcher James Kettle showed how similar attacks could be carried out with potentially severe consequences against websites using the new standard. Kettle: Organizations that don’t use the protocol in an end-to-end fashion are vulnerable to attacks that redirect users to malicious sites and other threats. He also released an updated version of HTTP Request Smuggler, a tool that can detect specific vulnerabilities on their network network scanner.”]