diff --git a/HISTORY.md b/HISTORY.md
index 5ee5029d9f..faaf41c4b5 100644
--- a/HISTORY.md
+++ b/HISTORY.md
@@ -6,6 +6,10 @@ dev
 
 - \[Short description of non-trivial change.\]
 
+**Security**
+- Add a default timeout value to Requests. The default connect timeout is 10.0
+  seconds and the default read timeout is 30.0 seconds. (#3070)
+
 2.32.1 (2024-05-20)
 -------------------
 
diff --git a/src/requests/sessions.py b/src/requests/sessions.py
index b387bc36df..2bf4aa8e8f 100644
--- a/src/requests/sessions.py
+++ b/src/requests/sessions.py
@@ -58,6 +58,10 @@
     preferred_clock = time.time
 
 
+# (connect timeout, read timeout)
+_DEFAULT_TIMEOUT = (10.0, 30.0)
+
+
 def merge_setting(request_setting, session_setting, dict_class=OrderedDict):
     """Determines appropriate setting for a given request, taking into account
     the explicit setting on that request, and the setting in the session. If a
@@ -582,7 +586,7 @@ def request(
 
         # Send the request.
         send_kwargs = {
-            "timeout": timeout,
+            "timeout": timeout if timeout is not None else _DEFAULT_TIMEOUT,
             "allow_redirects": allow_redirects,
         }
         send_kwargs.update(settings)