<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:news="http://www.google.com/schemas/sitemap-news/0.9">
  <url>
    <loc>https://hackyjs.com/posts/dissecting-chromes-latest-uaf-fixes-a-practical-guide-for-web-defenders</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T00:00:00.000Z</news:publication_date>
      <news:title>Dissecting Chrome&apos;s Latest UAF Fixes: A Practical Guide for Web Defenders</news:title>
      <news:keywords>chrome, use-after-free, browser-security, web-defenders</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/rogueplanet-defender-zero-day-testing-nodejs-dev-workstations-for-the-flaw</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T00:00:00.000Z</news:publication_date>
      <news:title>RoguePlanet Defender Zero-Day: Testing Node.js Dev Workstations for the Flaw</news:title>
      <news:keywords>cybersecurity, nodejs, zero-day, patch-management</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/snow-malwares-websocket-c2-tunnels-how-browser-extensions-turn-into-covert-channels</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T00:00:00.000Z</news:publication_date>
      <news:title>SNOW Malware’s WebSocket C2 Tunnels: How Browser Extensions Turn Into Covert Channels</news:title>
      <news:keywords>cybersecurity, malware, websocket, browser-extensions, microsoft-teams</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/auditing-android-17s-one-click-exploit-tap-based-rce-delivery-tricks-and-defenses</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-08T00:00:00.000Z</news:publication_date>
      <news:title>Auditing Android 17’s One-Click Exploit: Tap-Based RCE, Delivery Tricks, and Defenses</news:title>
      <news:keywords>android-security, rce, exploit-analysis, mobile-security</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/testing-the-gitlost-prompt-injection-extracting-private-repos-through-githubs-copilot-agent</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-08T00:00:00.000Z</news:publication_date>
      <news:title>Testing the GitLost Prompt Injection: Extracting Private Repos Through GitHub&apos;s Copilot Agent</news:title>
      <news:keywords>github, copilot, prompt-injection, cybersecurity</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/the-claude-desktop-rce-when-ai-agents-trust-untrusted-messages</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-08T00:00:00.000Z</news:publication_date>
      <news:title>The Claude Desktop RCE: When AI Agents Trust Untrusted Messages</news:title>
      <news:keywords>claude, rce, ai-security, prompt-injection</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/what-cve-2026-55255-reveals-about-trust-boundaries-in-langflow-based-ai-workflows</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-08T00:00:00.000Z</news:publication_date>
      <news:title>What CVE-2026-55255 Reveals About Trust Boundaries in Langflow-Based AI Workflows</news:title>
      <news:keywords>cve-2026-55255, langflow, ai-security, credential-harvesting, trust-boundaries</news:keywords>
    </news:news>
  </url>
</urlset>
