<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:news="http://www.google.com/schemas/sitemap-news/0.9" xmlns:image="http://www.google.com/schemas/sitemap-image/1.1">
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-microsoft-mdash-msrc-humans-downstream/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T23:15:00.000Z</news:publication_date>
      <news:title>Microsoft&apos;s MDASH and the humans downstream of it</news:title>
      <news:keywords>Microsoft, MDASH, MSRC, Patch Tuesday, AI vulnerability discovery, Windows security</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-microsoft-mdash-msrc-humans-downstream/cover.jpg</image:loc>
      <image:title>Microsoft&apos;s MDASH and the humans downstream of it</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-openclaw-2026-6-6-nayak-whatsapp-host-rce-chain/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T22:15:00.000Z</news:publication_date>
      <news:title>OpenClaw patched a chain that started in a chat message</news:title>
      <news:keywords>openclaw, ai-assistant, command-injection, sandbox-escape, whatsapp, chinmohan-nayak</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-openclaw-2026-6-6-nayak-whatsapp-host-rce-chain/cover.jpg</image:loc>
      <image:title>OpenClaw patched a chain that started in a chat message</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-injective-sdk-ts-npm-oidc-thomasralee/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T21:15:00.000Z</news:publication_date>
      <news:title>Injective SDK&apos;s npm compromise, and the OIDC that let it</news:title>
      <news:keywords>injective-labs, npm, supply-chain, sdk-ts, oidc, wallet-security</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-injective-sdk-ts-npm-oidc-thomasralee/cover.jpg</image:loc>
      <image:title>Injective SDK&apos;s npm compromise, and the OIDC that let it</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-binarly-uboot-six-flaws-fit-signature-verification/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T20:20:00.000Z</news:publication_date>
      <news:title>Six U-Boot bugs sit in front of the signature check</news:title>
      <news:keywords>U-Boot, Binarly, FIT image, firmware, signature verification, bootloader, BRLY-2026-037</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-binarly-uboot-six-flaws-fit-signature-verification/cover.jpg</image:loc>
      <image:title>Six U-Boot bugs sit in front of the signature check</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-vardanyan-ryuk-guilty-plea-portland-six-year-pipeline/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T19:15:00.000Z</news:publication_date>
      <news:title>A Ryuk operator pleads guilty, six years after wind-down</news:title>
      <news:keywords>Ryuk, ransomware, Karen Vardanyan, Department of Justice, Conti, extradition, prosecution</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-politie-odido-dutch-speaker-vishing-shinyhunters-62m/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T18:15:00.000Z</news:publication_date>
      <news:title>Politie Points at Dutch Hackers in the 88GB Odido Leak</news:title>
      <news:keywords>Odido, ShinyHunters, vishing, Politie, Netherlands, telecom-breach, social-engineering</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-politie-odido-dutch-speaker-vishing-shinyhunters-6.2m/cover.jpg</image:loc>
      <image:title>Politie Points at Dutch Hackers in the 88GB Odido Leak</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-progress-sharefile-shutdown-storage-zone-moveit-echo/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T17:15:00.000Z</news:publication_date>
      <news:title>Progress tells ShareFile on-prem users to shut down servers</news:title>
      <news:keywords>Progress Software, ShareFile, Storage Zone Controllers, managed file transfer, MOVEit, vendor advisory</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-progress-sharefile-shutdown-storage-zone-moveit-echo/cover.jpg</image:loc>
      <image:title>Progress tells ShareFile on-prem users to shut down servers</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-donjon-tangem-laser-fault-injection-eal6-samsung/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T16:30:00.000Z</news:publication_date>
      <news:title>A laser resets Tangem wallets, and there&apos;s no patch</news:title>
      <news:keywords>Tangem, Ledger Donjon, hardware wallet, fault injection, laser fault injection, EAL6+, Samsung S3D232A</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-foxio-xring-xquic-qpack-integer-underflow-alibaba-silence/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T15:15:00.000Z</news:publication_date>
      <news:title>XRING: 260 bytes, no patch, three months of Alibaba silence</news:title>
      <news:keywords>XRING, XQUIC, Alibaba, HTTP/3, QPACK, FoxIO, integer underflow</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-foxio-xring-xquic-qpack-integer-underflow-alibaba-silence/cover.jpg</image:loc>
      <image:title>XRING: 260 bytes, no patch, three months of Alibaba silence</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-wp-shellstorm-socradar-exposed-server-funnel/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T14:15:00.000Z</news:publication_date>
      <news:title>WP-SHELLSTORM ran 22 days with its door left open</news:title>
      <news:keywords>WP-SHELLSTORM, SOCRadar, Ctrl-Alt-Intel, mass hacking, WordPress, Joomla, VShell, SNOWLIGHT</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-wp-shellstorm-socradar-exposed-server-funnel/cover.jpg</image:loc>
      <image:title>WP-SHELLSTORM ran 22 days with its door left open</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-android-free-vpn-study-familiar-audit-outcome/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T13:15:00.000Z</news:publication_date>
      <news:title>281 free Android VPNs, and a familiar audit outcome</news:title>
      <news:keywords>Android VPN, free VPN, mobile privacy, DNS leak, Google Play, consumer VPN audit</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-android-free-vpn-study-familiar-audit-outcome/cover.jpg</image:loc>
      <image:title>281 free Android VPNs, and a familiar audit outcome</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-illbloom-coinspect-weak-prng-mobile-wallet-drain/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T10:30:00.000Z</news:publication_date>
      <news:title>Ill Bloom is a $3.1M lesson in weak randomness, again</news:title>
      <news:keywords>Ill Bloom, Coinspect, PRNG, recovery phrase, BIP39, cryptocurrency wallet, wallet drainer</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-illbloom-coinspect-weak-prng-mobile-wallet-drain/cover.jpg</image:loc>
      <image:title>Ill Bloom is a $3.1M lesson in weak randomness, again</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-digitalmint-martino-70-months-blackcat-insider-negotiation/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T09:20:00.000Z</news:publication_date>
      <news:title>Ex-DigitalMint negotiator gets 70 months for BlackCat scheme</news:title>
      <news:keywords>BlackCat, ALPHV, DigitalMint, ransomware negotiation, insider threat, Angelo Martino, incident response</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-digitalmint-martino-70-months-blackcat-insider-negotiation/cover.jpg</image:loc>
      <image:title>Ex-DigitalMint negotiator gets 70 months for BlackCat scheme</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-meta-muse-image-instagram-public-default-impersonation-surface/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T07:20:00.000Z</news:publication_date>
      <news:title>Meta&apos;s Muse Image defaults on for public Instagram</news:title>
      <news:keywords>Meta AI, Muse Image, Instagram, impersonation, deepfake, vishing, threat model</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-meta-muse-image-instagram-public-default-impersonation-surface/cover.jpg</image:loc>
      <image:title>Meta&apos;s Muse Image defaults on for public Instagram</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-clearinghouse-summer-athena-lightwell-old-pattern/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T06:15:00.000Z</news:publication_date>
      <news:title>The clearinghouse boom is not new, and neither is the fatigue</news:title>
      <news:keywords>vulnerability disclosure, Chainguard, Athena, Project Lightwell, CVE, NVD, open source security</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-clearinghouse-summer-athena-lightwell-old-pattern/cover.jpg</image:loc>
      <image:title>The clearinghouse boom is not new, and neither is the fatigue</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-hackernews-ato-verification-step-passkey-aftermath/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T05:00:00.000Z</news:publication_date>
      <news:title>The ATO fight moved past credential stuffing</news:title>
      <news:keywords>account takeover, credential stuffing, passkeys, MFA, adversary-in-the-middle, The Hacker News</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-talos-hazel-winning-54-percent-defender-cliche/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T04:00:00.000Z</news:publication_date>
      <news:title>Talos on &apos;attackers only need to be right once&apos;</news:title>
      <news:keywords>Cisco Talos, defensive security, security clichés, defender mindset, Wimbledon, security marketing</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-datadog-dormant-github-ghost-accounts-org-enumeration/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T03:00:00.000Z</news:publication_date>
      <news:title>Datadog: 50+ dormant GitHub accounts mapping org charts</news:title>
      <news:keywords>GitHub, Datadog Security Labs, reconnaissance, ghost accounts, OAuth tokens, Julie Agnes Sparks</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-09-openmandriva-beatrici-mumble-contributor-repo-sabotage/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T23:15:00.000Z</news:publication_date>
      <news:title>OpenMandriva ex-contributor wipes GNOME, Cosmic packages</news:title>
      <news:keywords>OpenMandriva, Davide Beatrici, Mumble, insider threat, repository sabotage, Cooker, access review</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-09-openmandriva-beatrici-mumble-contributor-repo-sabotage/cover.jpg</image:loc>
      <image:title>OpenMandriva ex-contributor wipes GNOME, Cosmic packages</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-09-talos-vdr-wolfssl-geovision-vtk-dicom-disclosure/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T22:35:00.000Z</news:publication_date>
      <news:title>Talos discloses 18 vulns in WolfSSL, GeoVision, VTK-DICOM</news:title>
      <news:keywords>WolfSSL, GeoVision, VTK-DICOM, Cisco Talos, embedded firmware, third-party disclosure</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-09-helix-reliaquest-sharepoint-vishing-blackfile-overlap/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T22:00:00.000Z</news:publication_date>
      <news:title>Helix: new data-extortion crew hits SharePoint via vishing</news:title>
      <news:keywords>Helix, ReliaQuest, SharePoint, data extortion, vishing, device code phishing, BlackFile</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-09-microsoft-mdash-ai-scanner-fatter-patch-tuesdays/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T22:00:00.000Z</news:publication_date>
      <news:title>Microsoft: MDASH will grow Patch Tuesday numbers</news:title>
      <news:keywords>Microsoft, Windows, MDASH, Patch Tuesday, AI vulnerability discovery, Pavan Davuluri</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-09-injectivelabs-sdk-ts-npm-1-20-21-wallet-stealer/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T21:00:00.000Z</news:publication_date>
      <news:title>Injective SDK 1.20.21 on npm shipped a wallet stealer</news:title>
      <news:keywords>Injective Labs, injectivelabs/sdk-ts, npm, supply chain, wallet stealer, Socket, Ox Security, StepSecurity</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-09-injectivelabs-sdk-ts-npm-1-20-21-wallet-stealer/cover.jpg</image:loc>
      <image:title>Injective SDK 1.20.21 on npm shipped a wallet stealer</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-09-microsoft-gigawiper-bluerabbit-cyberav3ngers-israel-wiper/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T20:15:00.000Z</news:publication_date>
      <news:title>GigaWiper/BLUERABBIT: Go-based wiper, CyberAv3ngers-linked</news:title>
      <news:keywords>GigaWiper, BLUERABBIT, CyberAv3ngers, Crucio, Iran IRGC, Israel wiper, Microsoft Security Blog, Binary Defense</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-09-microsoft-gigawiper-bluerabbit-cyberav3ngers-israel-wiper/cover.jpg</image:loc>
      <image:title>GigaWiper/BLUERABBIT: Go-based wiper, CyberAv3ngers-linked</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-09-npm-12-install-scripts-off-default-github-gat-deprecation/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T18:00:00.000Z</news:publication_date>
      <news:title>npm 12 flips install scripts off by default</news:title>
      <news:keywords>npm, supply chain, GitHub, install scripts, granular access tokens, 2FA</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-09-npm-12-install-scripts-off-default-github-gat-deprecation/cover.jpg</image:loc>
      <image:title>npm 12 flips install scripts off by default</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-09-forg365-phaas-m365-aitm-device-code-zerobec/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T16:00:01.000Z</news:publication_date>
      <news:title>Forg365 PhaaS Chains AiTM + Device-Code + AI Lures at M365</news:title>
      <news:keywords>Forg365, phishing-as-a-service, Microsoft 365, AiTM, device code phishing, Entra, ZeroBEC</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-09-forg365-phaas-m365-aitm-device-code-zerobec/cover.jpg</image:loc>
      <image:title>Forg365 PhaaS Chains AiTM + Device-Code + AI Lures at M365</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-09-goddamn-ransomware-poisonx-driver-beast-rebrand/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T13:15:00.000Z</news:publication_date>
      <news:title>GodDamn ransomware: Beast rebrand, signed EDR-killer driver</news:title>
      <news:keywords>GodDamn ransomware, Beast ransomware, PoisonX, BYOVD, Symantec, Hyadina, EDR bypass</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-09-goddamn-ransomware-poisonx-driver-beast-rebrand/cover.jpg</image:loc>
      <image:title>GodDamn ransomware: Beast rebrand, signed EDR-killer driver</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-09-microsoft-owa-light-retirement-exchange-server/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T12:15:00.000Z</news:publication_date>
      <news:title>Microsoft to retire OWA Light in Exchange Server</news:title>
      <news:keywords>Microsoft, Exchange Server, OWA Light, Outlook Web Access, legacy surface, deprecation</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-09-interpol-first-light-5811-arrests-293m-seized/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T11:15:00.000Z</news:publication_date>
      <news:title>INTERPOL First Light 2026: 5,811 arrests, $293M seized</news:title>
      <news:keywords>INTERPOL, Operation First Light, BEC, romance scam, sextortion, ASEANAPOL, GCCPOL, financial crime</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-09-interpol-first-light-5811-arrests-293m-seized/cover.jpg</image:loc>
      <image:title>INTERPOL First Light 2026: 5,811 arrests, $293M seized</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-09-ai-now-friendly-fire-claude-code-codex-review-exploit/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T10:15:00.000Z</news:publication_date>
      <news:title>Friendly Fire: agents review the trap, then execute it</news:title>
      <news:keywords>friendly-fire, ai-now-institute, claude-code, openai-codex, autonomous-agents, supply-chain</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-09-ai-now-friendly-fire-claude-code-codex-review-exploit/cover.jpg</image:loc>
      <image:title>Friendly Fire: agents review the trap, then execute it</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-09-assuranceamerica-breach-6-9m-drivers-march-intrusion/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T09:30:00.000Z</news:publication_date>
      <news:title>AssuranceAmerica breach: 6.9M drivers, 4-month notice gap</news:title>
      <news:keywords>AssuranceAmerica, insurance breach, driver data, Maine AG filing, breach notification, identity fraud</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-09-assuranceamerica-breach-6-9m-drivers-march-intrusion/cover.jpg</image:loc>
      <image:title>AssuranceAmerica breach: 6.9M drivers, 4-month notice gap</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-09-infoblox-lurking-lizard-230-domain-fake-7zip-residential-proxy/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T08:15:00.000Z</news:publication_date>
      <news:title>Infoblox: Lurking Lizard runs 230-domain fake 7-Zip proxy</news:title>
      <news:keywords>Lurking Lizard, Infoblox, residential proxy, fake 7-Zip, drop-catching, WireVPN, DNS threat intelligence</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-09-infoblox-lurking-lizard-230-domain-fake-7zip-residential-proxy/cover.jpg</image:loc>
      <image:title>Infoblox: Lurking Lizard runs 230-domain fake 7-Zip proxy</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-09-microsoft-defender-rogueplanet-cve-2026-50656-lpe-patch/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T07:15:00.000Z</news:publication_date>
      <news:title>Microsoft patches Defender &apos;RoguePlanet&apos; LPE; PoC public</news:title>
      <news:keywords>Microsoft Defender, CVE-2026-50656, RoguePlanet, elevation of privilege, Malware Protection Engine, race condition, out-of-band patch</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-09-wiz-ghostapproval-symlink-six-ai-coding-assistants/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T06:15:00.000Z</news:publication_date>
      <news:title>GhostApproval symlink bug hits six AI coding assistants</news:title>
      <news:keywords>GhostApproval, Wiz, AI coding assistants, symlink, trust boundary, CVE-2026-50549, CVE-2026-12958</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-09-simplehelp-cve-2026-48558-oidc-bypass-past-kev-deadline/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T04:00:00.000Z</news:publication_date>
      <news:title>SimpleHelp OIDC Auth Bypass Past CISA Deadline: Patch Now</news:title>
      <news:keywords>SimpleHelp, CVE-2026-48558, OIDC, KEV, remote support, authentication bypass, CISA</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-08-redwing-android-maas-oblivion-telegram-zimperium/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T02:00:00.000Z</news:publication_date>
      <news:title>RedWing turns Android bank fraud into a Telegram rental</news:title>
      <news:keywords>RedWing, Oblivion, Zimperium zLabs, Android banking malware, malware-as-a-service, Telegram, accessibility abuse</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-08-redwing-android-maas-oblivion-telegram-zimperium/cover.jpg</image:loc>
      <image:title>RedWing turns Android bank fraud into a Telegram rental</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-08-spain-palencia-carr-noname-logistics-arrest/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-08T23:45:00.000Z</news:publication_date>
      <news:title>Spain arrests suspected CARR logistics operator</news:title>
      <news:keywords>CARR, CyberArmy of Russia Reborn, NoName057(16), Z-Pentest, hacktivism, Spain, attribution</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-08-spain-palencia-carr-noname-logistics-arrest/cover.jpg</image:loc>
      <image:title>Spain arrests suspected CARR logistics operator</image:title>
    </image:image>
  </url>
</urlset>