ALPACA: New TLS Attack Allows User Data Extraction, Code Execution

Researchers from three universities in Germany have identified a new TLS attack method that can allow a man-in-the-middle (MitM) attacker to extract user data or execute arbitrary code.
The new attack, dubbed ALPACA, has been described as an “application layer protocol content confusion attack.”
read more