
Tag

#intel

GHSA-3j63-5h8p-gf7c: x402 SDK vulnerable in outdated versions in resource servers for builders

### Impact

There is a security vulnerability in outdated versions of the x402 SDK. This does not directly affect users' keys, smart contracts, or funds. This primarily impacts builders working on resource servers.

### Patches

Please update to the following package versions:

* x402 >= 0.5.2
* x402-next >= 0.5.2
* x402-express >= 0.5.2
* x402-hono >= 0.5.2

ghsa
#vulnerability #web #git #intel
Russian State Hackers Exploit 7-Year-Old Cisco Router Vulnerability

FBI and Cisco warn Russian hackers are exploiting a 7-year-old Cisco Smart Install vulnerability on outdated routers and…

Incode Acquires AuthenticID to Enhance AI-Driven Identity Verification

The combination of Incode's AI models and AuthenticID's experience running identity programs at scale in regulated environments will provide customers with holistic fraud signal analysis, multi-modal intelligence, real-time personhood verification, and advanced deepfake detection.

New DripDropper Malware Exploits Linux Flaw Then Patches It Lock Rivals Out

A new report from Red Canary reveals a clever Linux malware called DripDropper that exploits a flaw and…

Experts Find AI Browsers Can Be Tricked by PromptFix Exploit to Run Malicious Hidden Prompts

Cybersecurity researchers have demonstrated a new prompt injection technique called PromptFix that tricks a generative artificial intelligence (GenAI) model into carrying out intended actions by embedding the malicious instruction inside a fake CAPTCHA check on a web page. Described by Guardio Labs as an "AI-era take on the ClickFix scam," the attack technique demonstrates how AI-driven browsers,

Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices

A Russian state-sponsored group, Static Tundra, is exploiting an old Cisco IOS vulnerability to compromise unpatched network devices worldwide, targeting key sectors for intelligence gathering.

Agentic AI, Apple Intelligence, EV Chargers: Everyday Cybersecurity Peril Abounds for Businesses

Cybersecurity risks can come from everywhere, as these riveting Dark Reading News Desk videos detail. Check out Part 1 of our broadcast coverage of the top research presented at Black Hat USA 2025.

GHSA-35c5-67fm-cpcp: WP Crontrol Authenticated (Administrator+) plugin vulnerable to Blind Server-Side Request Forgery

### Impact

The WP Crontrol plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in versions 1.17.0 to 1.19.1 via the `wp_remote_request()` function. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

It is not possible for a user without Administrator level access to exploit this weakness. It is not possible for an Administrator performing an attack to see the HTTP response to the request to their chosen URL, nor is it possible for them to time the response.

### Patches

WP Crontrol version 1.19.2 makes the following changes to harden the URL cron event feature:

* URLs are now validated for safety with the `wp_http_validate_url()` function upon saving. The user is informed if they save a cron event containing a URL that is not considered safe, and the HTTP request will ...

AI-powered stuffed animals: A good alternative for screen time?

Startups are ready to bring AI powered toys to the market as an alternative for screen time. But is that really progress?

U.K. Government Drops Apple Encryption Backdoor Order After U.S. Civil Liberties Pushback

The U.K. government has apparently abandoned its plans to force Apple to weaken encryption protections and include a backdoor that would have enabled access to the protected data of U.S. citizens. U.S. Director of National Intelligence (DNI) Tulsi Gabbard, in a statement posted on X, said the U.S. government had been working with its partners with the U.K. over the past few months to ensure that