<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:news="http://www.google.com/schemas/sitemap-news/0.9" xmlns:image="http://www.google.com/schemas/sitemap-image/1.1">
  <url>
    <loc>https://0daynews.com/articles/2026-07-06-gitea-docker-cve-2026-20896-header-auth-bypass/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-06T18:20:00.000Z</news:publication_date>
      <news:title>Gitea CVE-2026-20896: Docker default trusts any X-WEBAUTH-USER — probing observed</news:title>
      <news:keywords>Gitea, CVE-2026-20896, Docker, reverse-proxy, X-WEBAUTH-USER, authentication-bypass, self-hosted</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-06-trojpix-air-gap-video-cable-emanation-shandong/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-06T15:00:00.000Z</news:publication_date>
      <news:title>TrojPix: air-gap exfil via video-cable RF emanation</news:title>
      <news:keywords>TrojPix, air-gap, side-channel, TEMPEST, electromagnetic emanation, Shandong University, ICS-OT</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-06-trojpix-air-gap-video-cable-emanation-shandong/cover.jpg</image:loc>
      <image:title>TrojPix: air-gap exfil via video-cable RF emanation</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-06-adobe-coldfusion-cve-2026-48282-active-exploitation/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-06T14:15:00.000Z</news:publication_date>
      <news:title>Adobe ColdFusion CVE-2026-48282 hits CVSS 10 — active exploitation confirmed</news:title>
      <news:keywords>Adobe, ColdFusion, CVE-2026-48282, path-traversal, RCE, active-exploitation, APSB26-68</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-06-operation-dragonreturn-china-nexus-dcrat-india-tax/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-06T13:20:00.000Z</news:publication_date>
      <news:title>Operation DragonReturn drops DcRAT on Indian taxpayers, Silver Fox overlaps</news:title>
      <news:keywords>Operation DragonReturn, DcRAT, Silver Fox, Seqrite Labs, India, spear-phishing, DLL sideloading</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-06-gitlab-exiftool-rce-cve-2021-22205/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-06T13:00:00.000Z</news:publication_date>
      <news:title>GitLab&apos;s ExifTool RCE: A Patch That Sat Unrecognized for Months</news:title>
      <news:keywords>CVE-2021-22205, GitLab, ExifTool, remote code execution, patch adoption gap</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-06-gitlab-exiftool-rce-cve-2021-22205/cover.jpg</image:loc>
      <image:title>GitLab&apos;s ExifTool RCE: A Patch That Sat Unrecognized for Months</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-06-quimarat-java-cross-platform-maas-levelblue/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-06T13:00:00.000Z</news:publication_date>
      <news:title>QuimaRAT: a Java RAT MaaS that covers Windows, Linux, and macOS for $150</news:title>
      <news:keywords>QuimaRAT, LevelBlue, malware-as-a-service, cross-platform RAT, Java malware, SmartScreen bypass, MaaS pricing</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-06-quimarat-java-cross-platform-maas-levelblue/cover.jpg</image:loc>
      <image:title>QuimaRAT: a Java RAT MaaS that covers Windows, Linux, and macOS for $150</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-06-opera-gx-mods-auto-install-flaw-patched/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-06T09:20:00.000Z</news:publication_date>
      <news:title>Opera GX patches auto-install mods flaw — update to 130.0.5847.89</news:title>
      <news:keywords>Opera GX, browser, mods, CSS-injection, XS-Leak, Bugcrowd, patch</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-06-skillcloak-scanners-miss-agent-skill-malware-hkust/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-06T08:15:00.000Z</news:publication_date>
      <news:title>SkillCloak paper: static scanners miss 90%+ of agent skill malware</news:title>
      <news:keywords>SkillCloak, agent-skills, marketplace, static-scanning, HKUST, SkillDetonate, ClawHub</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-05-flipper-zero-firmware-maintenance-only-community-driven/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-05T17:20:00.000Z</news:publication_date>
      <news:title>Flipper Zero firmware goes maintenance-only — the honest timeline</news:title>
      <news:keywords>Flipper Zero, Flipper Devices, firmware, open source, red team tooling, community maintenance</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-05-flipper-zero-firmware-maintenance-only-community-driven/cover.jpg</image:loc>
      <image:title>Flipper Zero firmware goes maintenance-only — the honest timeline</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-05-barracuda-esg-zero-day-cve-2023-2868/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-05T15:30:00.000Z</news:publication_date>
      <news:title>Barracuda Told Customers to Replace Their Appliances, Not Just Patch Them. Here&apos;s Why.</news:title>
      <news:keywords>CVE-2023-2868, Barracuda ESG, Email Security Gateway, appliance replacement, persistent backdoor</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-05-barracuda-esg-zero-day-cve-2023-2868/cover.jpg</image:loc>
      <image:title>Barracuda Told Customers to Replace Their Appliances, Not Just Patch Them. Here&apos;s Why.</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-05-jfrog-rollup-polyfill-npm-six-packages-follow-up/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-05T15:20:00.000Z</news:publication_date>
      <news:title>Four more Rollup polyfill typosquats surface in JFrog&apos;s fuller DPRK writeup</news:title>
      <news:keywords>npm, supply-chain, DPRK, North Korea, Rollup, JFrog, Lazarus, typosquatting, BeaverTail</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-05-jfrog-rollup-polyfill-npm-six-packages-follow-up/cover.jpg</image:loc>
      <image:title>Four more Rollup polyfill typosquats surface in JFrog&apos;s fuller DPRK writeup</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-05-winrar-path-traversal-cve-2023-38831/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-05T13:00:00.000Z</news:publication_date>
      <news:title>The WinRAR Bug That Hid a Malicious Script Behind a Fake Photo</news:title>
      <news:keywords>CVE-2023-38831, WinRAR, RARLAB, path traversal, spoofed file extension</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-05-winrar-path-traversal-cve-2023-38831/cover.jpg</image:loc>
      <image:title>The WinRAR Bug That Hid a Malicious Script Behind a Fake Photo</image:title>
    </image:image>
  </url>
</urlset>