cognitive cybersecurity intelligence

News and Analysis

Open Next for Cloudflare SSRF Vulnerability Let Attackers Load Remote Resources from Arbitrary Hosts

A high-severity SSRF vulnerability (CVE-2025-6087) has been discovered in the @opennextjs/cloudflare package, affecting versions before 1.3.0. It allows unauthenticated users to exploit the /_next/image endpoint to load arbitrary remote resources, posing phishing and internal service exposure risks. Mitigations include server-side updates and patches. Users are urged to upgrade to the patched version.

Source: cybersecuritynews.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

COOKIE SPIDER’s Malvertising Drops New SHAMOS macOS Malware – Hackread

COOKIE SPIDER’s Malvertising Drops New SHAMOS macOS Malware Hackread

HHS derecognizing unions representing staffers at CDC, FDA, NIH and more

The Department of Health and Human Services (HHS) moved Friday to derecognize labor union representation for staffers at multiple subagencies and offices, claiming the action