<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:news="http://www.google.com/schemas/sitemap-news/0.9">
  <url>
    <loc>https://hackyjs.com/posts/asyncapis-compromised-npm-packages-practical-steps-to-harden-your-dependency-supply-chain</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-15T00:00:00.000Z</news:publication_date>
      <news:title>AsyncAPI&apos;s Compromised npm Packages: Practical Steps to Harden Your Dependency Supply Chain</news:title>
      <news:keywords>asyncapi, npm, supply-chain-security, dependency-management</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/detecting-ai-assisted-attack-chains-a-practical-look-at-the-claude-code-and-deepseek-campaigns</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-15T00:00:00.000Z</news:publication_date>
      <news:title>Detecting AI-Assisted Attack Chains: A Practical Look at the Claude Code and DeepSeek Campaigns</news:title>
      <news:keywords>cybersecurity, ai-security, threat-detection, incident-response</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/from-prompt-to-payload-how-gemini-cli-enables-rapid-botnet-construction</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-15T00:00:00.000Z</news:publication_date>
      <news:title>From Prompt to Payload: How Gemini CLI Enables Rapid Botnet Construction</news:title>
      <news:keywords>cybersecurity, ai-security, botnet, gemini-cli</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/how-to-audit-your-sonicwall-exposure-after-the-latest-zero-day-exploits</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-15T00:00:00.000Z</news:publication_date>
      <news:title>How to Audit Your SonicWall Exposure After the Latest Zero-Day Exploits</news:title>
      <news:keywords>sonicwall, zero-day, cybersecurity, vulnerability-management</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/auditing-remote-access-gateways-after-cve-2026-15409-and-cve-2026-15410</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-14T00:00:00.000Z</news:publication_date>
      <news:title>Auditing Remote Access Gateways After CVE-2026-15409 and CVE-2026-15410</news:title>
      <news:keywords>cybersecurity, sonicwall, zero-day, remote-access</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/auth-bypass-in-vmware-avi-load-balancer-from-detection-to-patch</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-14T00:00:00.000Z</news:publication_date>
      <news:title>Auth Bypass in VMware Avi Load Balancer: From Detection to Patch</news:title>
      <news:keywords>vmware, avi-load-balancer, authentication-bypass, vulnerability, cybersecurity</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/from-worm-to-rat-miasmas-new-npm-payload-stays-hidden-by-killing-its-own-spread</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-14T00:00:00.000Z</news:publication_date>
      <news:title>From Worm to RAT: Miasma’s New npm Payload Stays Hidden by Killing Its Own Spread</news:title>
      <news:keywords>npm, cybersecurity, supply-chain-security, malware</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/how-the-claude-chrome-extensions-oauth-misconfiguration-gave-attackers-access-to-gmail-and-docs</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-14T00:00:00.000Z</news:publication_date>
      <news:title>How the Claude Chrome Extension&apos;s OAuth Misconfiguration Gave Attackers Access to Gmail and Docs</news:title>
      <news:keywords>cybersecurity, oauth, chrome-extension, gmail, google-docs</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/testing-the-impact-of-cve-2026-56155-and-cve-2026-56164-on-your-javascript-backend</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-14T00:00:00.000Z</news:publication_date>
      <news:title>Testing the Impact of CVE-2026-56155 and CVE-2026-56164 on Your JavaScript Backend</news:title>
      <news:keywords>cybersecurity, javascript, backend, cve, patch-tuesday</news:keywords>
    </news:news>
  </url>
</urlset>
