<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:news="http://www.google.com/schemas/sitemap-news/0.9" xmlns:image="http://www.google.com/schemas/sitemap-image/1.1">
  <url>
    <loc>https://0daynews.com/articles/2026-07-07-januscape-cve-2026-53359-kvm-guest-host-escape/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-07T23:20:00.000Z</news:publication_date>
      <news:title>Januscape (CVE-2026-53359): 16-year KVM guest-to-host escape</news:title>
      <news:keywords>CVE-2026-53359, Januscape, Linux kernel, KVM, shadow MMU, virtualization, kvmCTF</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-07-januscape-cve-2026-53359-kvm-guest-host-escape/cover.jpg</image:loc>
      <image:title>Januscape (CVE-2026-53359): 16-year KVM guest-to-host escape</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-07-beyondtrust-remote-support-pra-auth-bypass/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-07T22:15:00.000Z</news:publication_date>
      <news:title>BeyondTrust Patches Four RS/PRA Flaws — Patch Now</news:title>
      <news:keywords>CVE-2026-40138, CVE-2026-40139, CVE-2026-40140, CVE-2026-40141, BeyondTrust Remote Support, Privileged Remote Access, pre-auth auth bypass, vendor advisory</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-07-beyondtrust-remote-support-pra-auth-bypass/cover.jpg</image:loc>
      <image:title>BeyondTrust Patches Four RS/PRA Flaws — Patch Now</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-06-gitea-docker-cve-2026-20896-header-auth-bypass/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-06T18:20:00.000Z</news:publication_date>
      <news:title>Gitea Docker&apos;s Auth Bypass: Probing Already Underway</news:title>
      <news:keywords>Gitea, CVE-2026-20896, Docker, reverse-proxy, X-WEBAUTH-USER, authentication-bypass, self-hosted</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-06-gitea-docker-cve-2026-20896-header-auth-bypass/cover.jpg</image:loc>
      <image:title>Gitea Docker&apos;s Auth Bypass: Probing Already Underway</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-06-trojpix-air-gap-video-cable-emanation-shandong/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-06T15:00:00.000Z</news:publication_date>
      <news:title>TrojPix: air-gap exfil via video-cable RF emanation</news:title>
      <news:keywords>TrojPix, air-gap, side-channel, TEMPEST, electromagnetic emanation, Shandong University, ICS-OT</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-06-trojpix-air-gap-video-cable-emanation-shandong/cover.jpg</image:loc>
      <image:title>TrojPix: air-gap exfil via video-cable RF emanation</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-06-adobe-coldfusion-cve-2026-48282-active-exploitation/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-06T14:15:00.000Z</news:publication_date>
      <news:title>Adobe ColdFusion CVE-2026-48282: CVSS 10, Exploited</news:title>
      <news:keywords>Adobe, ColdFusion, CVE-2026-48282, path-traversal, RCE, active-exploitation, APSB26-68</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-06-adobe-coldfusion-cve-2026-48282-active-exploitation/cover.jpg</image:loc>
      <image:title>Adobe ColdFusion CVE-2026-48282: CVSS 10, Exploited</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-06-operation-dragonreturn-china-nexus-dcrat-india-tax/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-06T13:20:00.000Z</news:publication_date>
      <news:title>DragonReturn Drops DcRAT on Indian Taxpayers</news:title>
      <news:keywords>Operation DragonReturn, DcRAT, Silver Fox, Seqrite Labs, India, spear-phishing, DLL sideloading</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-06-operation-dragonreturn-china-nexus-dcrat-india-tax/cover.jpg</image:loc>
      <image:title>DragonReturn Drops DcRAT on Indian Taxpayers</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-06-gitlab-exiftool-rce-cve-2021-22205/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-06T13:00:00.000Z</news:publication_date>
      <news:title>GitLab&apos;s ExifTool RCE Sat Unrecognized for Months</news:title>
      <news:keywords>CVE-2021-22205, GitLab, ExifTool, remote code execution, patch adoption gap</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-06-gitlab-exiftool-rce-cve-2021-22205/cover.jpg</image:loc>
      <image:title>GitLab&apos;s ExifTool RCE Sat Unrecognized for Months</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-06-quimarat-java-cross-platform-maas-levelblue/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-06T13:00:00.000Z</news:publication_date>
      <news:title>QuimaRAT: A $150 Cross-Platform Java RAT MaaS</news:title>
      <news:keywords>QuimaRAT, LevelBlue, malware-as-a-service, cross-platform RAT, Java malware, SmartScreen bypass, MaaS pricing</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-06-quimarat-java-cross-platform-maas-levelblue/cover.jpg</image:loc>
      <image:title>QuimaRAT: A $150 Cross-Platform Java RAT MaaS</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-06-opera-gx-mods-auto-install-flaw-patched/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-06T09:20:00.000Z</news:publication_date>
      <news:title>Opera GX Patches Auto-Install Mods Flaw</news:title>
      <news:keywords>Opera GX, browser, mods, CSS-injection, XS-Leak, Bugcrowd, patch</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-06-opera-gx-mods-auto-install-flaw-patched/cover.jpg</image:loc>
      <image:title>Opera GX Patches Auto-Install Mods Flaw</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-06-skillcloak-scanners-miss-agent-skill-malware-hkust/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-06T08:15:00.000Z</news:publication_date>
      <news:title>SkillCloak: Scanners Miss 90%+ of Skill Malware</news:title>
      <news:keywords>SkillCloak, agent-skills, marketplace, static-scanning, HKUST, SkillDetonate, ClawHub</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-06-skillcloak-scanners-miss-agent-skill-malware-hkust/cover.jpg</image:loc>
      <image:title>SkillCloak: Scanners Miss 90%+ of Skill Malware</image:title>
    </image:image>
  </url>
</urlset>