HTTP compression continues to put encrypted communications at risk
Security researchers have expanded and improved the three-year-old BREACH attack that exploits the HTTP compression mechanism in order to recover sensitive information such as authentication cookies from encrypted Web traffic.