<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:news="http://www.google.com/schemas/sitemap-news/0.9" xmlns:image="http://www.google.com/schemas/sitemap-image/1.1">
  <url>
    <loc>https://0daynews.com/articles/2026-07-11-sentinellabs-balochistan-police-china-india-converge/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-11T21:20:00.000Z</news:publication_date>
      <news:title>China, India APTs Converge on Balochistan Police</news:title>
      <news:keywords>SentinelLABS, Balochistan Police, Mysterious Elephant, PlugX, ShadowPad, Pakistan, APT-C-08</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-11-sentinellabs-balochistan-police-china-india-converge/cover.jpg</image:loc>
      <image:title>China, India APTs Converge on Balochistan Police</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-11-jscrambler-npm-8-14-0-preinstall-rust-infostealer/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-11T20:15:00.000Z</news:publication_date>
      <news:title>jscrambler 8.14.0 npm hijack: Rust stealer on install</news:title>
      <news:keywords>jscrambler, npm, supply-chain, preinstall, infostealer, Rust, Socket</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-11-mvpnalyzer-281-android-vpn-study-leaks-tracking/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-11T19:00:00.000Z</news:publication_date>
      <news:title>281 free Android VPN apps: 29 leak, 246 track</news:title>
      <news:keywords>android, vpn, mvpnalyzer, ndss, mobile, dns-leak, google-play</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-11-ptc-windchill-flexplm-cve-2026-12569-kev-jsp-webshell/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-11T17:15:00.000Z</news:publication_date>
      <news:title>PTC Windchill PLM RCE is on KEV — shells still landing</news:title>
      <news:keywords>PTC Windchill, FlexPLM, CVE-2026-12569, CISA KEV, deserialization, JSP webshell, PLM</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-11-acsc-cms-plugin-exploitation-advisory-18-cves/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-11T15:05:00.000Z</news:publication_date>
      <news:title>Australia&apos;s ACSC names 18 CMS bugs under exploitation</news:title>
      <news:keywords>ACSC, CMS, WordPress, Craft CMS, Joomla JCE, webshells, plugin exploitation</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-11-acsc-cms-plugin-exploitation-advisory-18-cves/cover.jpg</image:loc>
      <image:title>Australia&apos;s ACSC names 18 CMS bugs under exploitation</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-11-gitea-docker-cve-2026-20896-sysdig-csa-1264-regression/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-11T12:03:16.000Z</news:publication_date>
      <news:title>Gitea Docker Auth Bypass: Patch 1.26.4, CSA Confirms</news:title>
      <news:keywords>Gitea, CVE-2026-20896, Docker, Sysdig, Singapore CSA, reverse-proxy, authentication-bypass</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-11-u-boot-libfdt-fit-parsing-six-brly-flaws/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-11T11:15:00.000Z</news:publication_date>
      <news:title>Six U-Boot flaws trace to one libfdt helper</news:title>
      <news:keywords>u-boot, libfdt, fit-image, bootloader, firmware, binarly, brly-2026-037</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-11-ghostcommit-png-prompt-injection-coderabbit-bugbot/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-11T11:00:00.000Z</news:publication_date>
      <news:title>Ghostcommit and the reviewers that don&apos;t open the PNG</news:title>
      <news:keywords>Ghostcommit, prompt injection, CodeRabbit, Bugbot, AI code review, supply chain</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-11-modbeacon-silver-fox-rust-rat-grpc-c2-qianxin/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-11T07:15:00.000Z</news:publication_date>
      <news:title>Silver Fox ships MODBEACON, a Rust RAT with gRPC C2</news:title>
      <news:keywords>Silver Fox, MODBEACON, QiAnXin, Rust malware, gRPC C2, SEO poisoning, counterfeit installers</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-11-modbeacon-silver-fox-rust-rat-grpc-c2-qianxin/cover.jpg</image:loc>
      <image:title>Silver Fox ships MODBEACON, a Rust RAT with gRPC C2</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-11-metasploit-weekly-flowise-csv-packagekit-modules/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-11T05:20:00.000Z</news:publication_date>
      <news:title>Metasploit Weekly Adds Flowise CSV, macOS PackageKit</news:title>
      <news:keywords>Metasploit, Rapid7, Flowise, CVE-2026-41264, PackageKit, CVE-2024-27822, macOS, prompt injection</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-11-cisa-kev-balbooa-icagenda-joomla-file-upload/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-11T04:20:00.000Z</news:publication_date>
      <news:title>Balbooa, iCagenda Join KEV: Four Joomla RCEs in Four Days</news:title>
      <news:keywords>CISA KEV, CVE-2026-56291, CVE-2026-48939, Balbooa Forms, iCagenda, Joomla, file upload, CWE-434</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-openmandriva-beatrici-cooker-cosmic-gnome-admin-boundary/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-11T03:15:00.000Z</news:publication_date>
      <news:title>OpenMandriva contributor deleted GNOME and Cosmic repos</news:title>
      <news:keywords>OpenMandriva, Davide Beatrici, Linux distribution, supply chain, maintainer trust, Cooker, GNOME</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-openmandriva-beatrici-cooker-cosmic-gnome-admin-boundary/cover.jpg</image:loc>
      <image:title>OpenMandriva contributor deleted GNOME and Cosmic repos</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-11-zimbra-10-1-19-classic-web-client-xss-google-tag/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-11T02:15:00.000Z</news:publication_date>
      <news:title>Zimbra ships 10.1.19; Google TAG reported the XSS</news:title>
      <news:keywords>Zimbra, Zimbra Collaboration Suite, Classic Web Client, stored XSS, Google TAG, Threat Analysis Group, webmail</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-11-npm-12-allowscripts-off-default-gats-oidc-branch/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-11T01:20:00.000Z</news:publication_date>
      <news:title>npm 12 turns install scripts off by default</news:title>
      <news:keywords>npm, supply-chain, allowScripts, install-scripts, granular-access-tokens, oidc, github</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-11-npm-12-allowscripts-off-default-gats-oidc-branch/cover.jpg</image:loc>
      <image:title>npm 12 turns install scripts off by default</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-iossifov-seized-crypto-wallet-still-had-key/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T23:55:00.000Z</news:publication_date>
      <news:title>A seized crypto account that moved from a cell</news:title>
      <news:keywords>Rossen Iossifov, RG Coins, crypto seizure, Alexandria Online Auction Fraud Network, custody, forfeiture</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-iossifov-seized-crypto-wallet-still-had-key/cover.jpg</image:loc>
      <image:title>A seized crypto account that moved from a cell</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-microsoft-mdash-msrc-humans-downstream/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T23:15:00.000Z</news:publication_date>
      <news:title>Microsoft&apos;s MDASH and the humans downstream of it</news:title>
      <news:keywords>Microsoft, MDASH, MSRC, Patch Tuesday, AI vulnerability discovery, Windows security</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-microsoft-mdash-msrc-humans-downstream/cover.jpg</image:loc>
      <image:title>Microsoft&apos;s MDASH and the humans downstream of it</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-openclaw-2026-6-6-nayak-whatsapp-host-rce-chain/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T22:15:00.000Z</news:publication_date>
      <news:title>OpenClaw patched a chain that started in a chat message</news:title>
      <news:keywords>openclaw, ai-assistant, command-injection, sandbox-escape, whatsapp, chinmohan-nayak</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-openclaw-2026-6-6-nayak-whatsapp-host-rce-chain/cover.jpg</image:loc>
      <image:title>OpenClaw patched a chain that started in a chat message</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-injective-sdk-ts-npm-oidc-thomasralee/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T21:15:00.000Z</news:publication_date>
      <news:title>Injective SDK&apos;s npm compromise, and the OIDC that let it</news:title>
      <news:keywords>injective-labs, npm, supply-chain, sdk-ts, oidc, wallet-security</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-injective-sdk-ts-npm-oidc-thomasralee/cover.jpg</image:loc>
      <image:title>Injective SDK&apos;s npm compromise, and the OIDC that let it</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-binarly-uboot-six-flaws-fit-signature-verification/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T20:20:00.000Z</news:publication_date>
      <news:title>Six U-Boot bugs sit in front of the signature check</news:title>
      <news:keywords>U-Boot, Binarly, FIT image, firmware, signature verification, bootloader, BRLY-2026-037</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-binarly-uboot-six-flaws-fit-signature-verification/cover.jpg</image:loc>
      <image:title>Six U-Boot bugs sit in front of the signature check</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-vardanyan-ryuk-guilty-plea-portland-six-year-pipeline/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T19:15:00.000Z</news:publication_date>
      <news:title>A Ryuk operator pleads guilty, six years after wind-down</news:title>
      <news:keywords>Ryuk, ransomware, Karen Vardanyan, Department of Justice, Conti, extradition, prosecution</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-politie-odido-dutch-speaker-vishing-shinyhunters-62m/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T18:15:00.000Z</news:publication_date>
      <news:title>Politie Points at Dutch Hackers in the 88GB Odido Leak</news:title>
      <news:keywords>Odido, ShinyHunters, vishing, Politie, Netherlands, telecom-breach, social-engineering</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-politie-odido-dutch-speaker-vishing-shinyhunters-6.2m/cover.jpg</image:loc>
      <image:title>Politie Points at Dutch Hackers in the 88GB Odido Leak</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-progress-sharefile-shutdown-storage-zone-moveit-echo/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T17:15:00.000Z</news:publication_date>
      <news:title>Progress tells ShareFile on-prem users to shut down servers</news:title>
      <news:keywords>Progress Software, ShareFile, Storage Zone Controllers, managed file transfer, MOVEit, vendor advisory</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-progress-sharefile-shutdown-storage-zone-moveit-echo/cover.jpg</image:loc>
      <image:title>Progress tells ShareFile on-prem users to shut down servers</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-donjon-tangem-laser-fault-injection-eal6-samsung/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T16:30:00.000Z</news:publication_date>
      <news:title>A laser resets Tangem wallets, and there&apos;s no patch</news:title>
      <news:keywords>Tangem, Ledger Donjon, hardware wallet, fault injection, laser fault injection, EAL6+, Samsung S3D232A</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-foxio-xring-xquic-qpack-integer-underflow-alibaba-silence/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T15:15:00.000Z</news:publication_date>
      <news:title>XRING: 260 bytes, no patch, three months of Alibaba silence</news:title>
      <news:keywords>XRING, XQUIC, Alibaba, HTTP/3, QPACK, FoxIO, integer underflow</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-foxio-xring-xquic-qpack-integer-underflow-alibaba-silence/cover.jpg</image:loc>
      <image:title>XRING: 260 bytes, no patch, three months of Alibaba silence</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-wp-shellstorm-socradar-exposed-server-funnel/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T14:15:00.000Z</news:publication_date>
      <news:title>WP-SHELLSTORM ran 22 days with its door left open</news:title>
      <news:keywords>WP-SHELLSTORM, SOCRadar, Ctrl-Alt-Intel, mass hacking, WordPress, Joomla, VShell, SNOWLIGHT</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-wp-shellstorm-socradar-exposed-server-funnel/cover.jpg</image:loc>
      <image:title>WP-SHELLSTORM ran 22 days with its door left open</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-android-free-vpn-study-familiar-audit-outcome/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T13:15:00.000Z</news:publication_date>
      <news:title>281 free Android VPNs, and a familiar audit outcome</news:title>
      <news:keywords>Android VPN, free VPN, mobile privacy, DNS leak, Google Play, consumer VPN audit</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-android-free-vpn-study-familiar-audit-outcome/cover.jpg</image:loc>
      <image:title>281 free Android VPNs, and a familiar audit outcome</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-illbloom-coinspect-weak-prng-mobile-wallet-drain/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T10:30:00.000Z</news:publication_date>
      <news:title>Ill Bloom is a $3.1M lesson in weak randomness, again</news:title>
      <news:keywords>Ill Bloom, Coinspect, PRNG, recovery phrase, BIP39, cryptocurrency wallet, wallet drainer</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-illbloom-coinspect-weak-prng-mobile-wallet-drain/cover.jpg</image:loc>
      <image:title>Ill Bloom is a $3.1M lesson in weak randomness, again</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-digitalmint-martino-70-months-blackcat-insider-negotiation/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T09:20:00.000Z</news:publication_date>
      <news:title>Ex-DigitalMint negotiator gets 70 months for BlackCat scheme</news:title>
      <news:keywords>BlackCat, ALPHV, DigitalMint, ransomware negotiation, insider threat, Angelo Martino, incident response</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-digitalmint-martino-70-months-blackcat-insider-negotiation/cover.jpg</image:loc>
      <image:title>Ex-DigitalMint negotiator gets 70 months for BlackCat scheme</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-meta-muse-image-instagram-public-default-impersonation-surface/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T07:20:00.000Z</news:publication_date>
      <news:title>Meta&apos;s Muse Image defaults on for public Instagram</news:title>
      <news:keywords>Meta AI, Muse Image, Instagram, impersonation, deepfake, vishing, threat model</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-meta-muse-image-instagram-public-default-impersonation-surface/cover.jpg</image:loc>
      <image:title>Meta&apos;s Muse Image defaults on for public Instagram</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-clearinghouse-summer-athena-lightwell-old-pattern/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T06:15:00.000Z</news:publication_date>
      <news:title>The clearinghouse boom is not new, and neither is the fatigue</news:title>
      <news:keywords>vulnerability disclosure, Chainguard, Athena, Project Lightwell, CVE, NVD, open source security</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-10-clearinghouse-summer-athena-lightwell-old-pattern/cover.jpg</image:loc>
      <image:title>The clearinghouse boom is not new, and neither is the fatigue</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-hackernews-ato-verification-step-passkey-aftermath/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T05:00:00.000Z</news:publication_date>
      <news:title>The ATO fight moved past credential stuffing</news:title>
      <news:keywords>account takeover, credential stuffing, passkeys, MFA, adversary-in-the-middle, The Hacker News</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-talos-hazel-winning-54-percent-defender-cliche/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T04:00:00.000Z</news:publication_date>
      <news:title>Talos on &apos;attackers only need to be right once&apos;</news:title>
      <news:keywords>Cisco Talos, defensive security, security clichés, defender mindset, Wimbledon, security marketing</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-10-datadog-dormant-github-ghost-accounts-org-enumeration/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-10T03:00:00.000Z</news:publication_date>
      <news:title>Datadog: 50+ dormant GitHub accounts mapping org charts</news:title>
      <news:keywords>GitHub, Datadog Security Labs, reconnaissance, ghost accounts, OAuth tokens, Julie Agnes Sparks</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-09-openmandriva-beatrici-mumble-contributor-repo-sabotage/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T23:15:00.000Z</news:publication_date>
      <news:title>OpenMandriva ex-contributor wipes GNOME, Cosmic packages</news:title>
      <news:keywords>OpenMandriva, Davide Beatrici, Mumble, insider threat, repository sabotage, Cooker, access review</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-09-openmandriva-beatrici-mumble-contributor-repo-sabotage/cover.jpg</image:loc>
      <image:title>OpenMandriva ex-contributor wipes GNOME, Cosmic packages</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-09-talos-vdr-wolfssl-geovision-vtk-dicom-disclosure/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T22:35:00.000Z</news:publication_date>
      <news:title>Talos discloses 18 vulns in WolfSSL, GeoVision, VTK-DICOM</news:title>
      <news:keywords>WolfSSL, GeoVision, VTK-DICOM, Cisco Talos, embedded firmware, third-party disclosure</news:keywords>
    </news:news>
  </url>
</urlset>